This command updates an existing deployment with the configuration specified in the `deployment-config-path` file. It allows you to make changes to the deployment without any downtime in the resources.
You need to run an important query in BigQuery but expect it to return a lot of records.
You want to find out how much it will cost to run the query. You are using on-demand pricing.
What should you do?
Arrange to switch to Flat-Rate pricing for this query, then move back to on-demand.
Use the command line to run a dry run query to estimate the number of bytes read. Then convert that bytes estimate to dollars using the Pricing Calculator.
Use the command line to run a dry run query to estimate the number of bytes returned. Then convert that bytes estimate to dollars using the Pricing Calculator.
Run a select count (*) to get an idea of how many records your query will look through. Then convert that number of rows to dollars using the Pricing Calculator.
Answer is Use the command line to run a dry run query to estimate the number of bytes read. Then convert that bytes estimate to dollars using the Pricing Calculator.
Running a dry run query using the command line can estimate the number of bytes read by the query, which can then be used to estimate the cost of running the query using the Pricing Calculator. To estimate the cost of a BigQuery query, you can use the bq command-line tool to run a dry-run query.
Option A: Arranging to switch to Flat-Rate pricing will not help you estimate the cost of running the query using on-demand pricing.
Option C: Estimating the number of bytes returned by the query will not give you an accurate estimate of the cost of running the query using on-demand pricing.
Option D: Estimating the number of rows that the query will look through will not give you an accurate estimate of the cost of running the query using on-demand pricing.
Every employee of your company has a Google account. Your operational team needs to manage a large number of instances on Compute Engine. Each member of this team needs only administrative access to the servers. Your security team wants to ensure that the deployment of credentials is operationally efficient and must be able to determine who accessed a given instance.
What should you do?
Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key in the metadata of each instance.
Ask each member of the team to generate a new SSH key pair and to send you their public key. Use a configuration management tool to deploy those keys on each instance.
Ask each member of the team to generate a new SSH key pair and to add the public key to their Google account. Grant the compute.osAdminLogin role to the Google group corresponding to this team.
Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key as a project-wide public SSH key in your Cloud Platform project and allow project-wide public SSH keys on each instance.
Answer is Ask each member of the team to generate a new SSH key pair and to add the public key to their Google account. Grant the ג€compute.osAdminLoginג€ role to the Google group corresponding to this team.
In this scenario, granting the "compute.osAdminLogin" role to a Google group corresponding to the operational team would be the best option. This role would provide each team member with administrative access to instances, and by adding their public key to their Google account, they can use it to authenticate their access to instances without the need for a separate key management system. Additionally, the security team's requirement for auditing access can be met by using Cloud Audit Logging to log all access to the instances.
You have an application that looks for its licensing server on the IP 10.0.3.21. You need to deploy the licensing server on Compute Engine. You do not want to change the configuration of the application and want the application to be able to reach the licensing server.
What should you do?
Reserve the IP 10.0.3.21 as a static internal IP address using gcloud and assign it to the licensing server.
Reserve the IP 10.0.3.21 as a static public IP address using gcloud and assign it to the licensing server.
Use the IP 10.0.3.21 as a custom ephemeral IP address and assign it to the licensing server.
Start the licensing server with an automatic ephemeral IP address, and then promote it to a static internal IP address.
Answer is Reserve the IP 10.0.3.21 as a static internal IP address using gcloud and assign it to the licensing server.
To deploy the licensing server on Compute Engine and ensure that the application can reach it, you should reserve the IP 10.0.3.21 as a static internal IP address and assign it to the licensing server.
By reserving IP 10.0.3.21 as a static internal IP address, you can ensure that the application can reach the licensing server at that IP address without changing the application's configuration.
To reserve the IP 10.0.3.21 as a static internal IP address and assign it to a Compute Engine instance using gcloud, you can use the following command:
Replace [INSTANCE_NAME] with the name of the Compute Engine instance that you want to create, and [IP_ADDRESS] with the desired static internal IP address (in this case, 10.0.3.21).
The --no-address flag specifies that the instance should not be assigned a public IP address.
You have a development project with appropriate IAM roles defined.
You are creating a production project and want to have the same IAM roles on the new project, using the fewest possible steps.
What should you do?
Use gcloud iam roles copy and specify the production project as the destination project.
Use gcloud iam roles copy and specify your organization as the destination organization.
In the Google Cloud Platform Console, use the 'create role from role' functionality.
In the Google Cloud Platform Console, use the 'create role' functionality and select all applicable permissions.
Answer is Use gcloud iam roles copy and specify the production project as the destination project.
To create the same IAM roles in a production project as in a development project, using the fewest possible steps, you can use the gcloud iam roles copy command and specify the production project as the destination project.
The `gcloud iam roles copy` command allows you to copy IAM roles between projects or organizations. By specifying the production project as the destination project, you can copy the IAM roles from the development project to the production project.
To create a copy of an existing role into a project with PROJECT_ID, run:
gcloud iam roles copy --source="roles/ROLE" --destination=CustomSpannerDbAdmin --dest-project=PROJECT_ID
Option B is incorrect because specifying your organization as the destination organization will copy the IAM roles to all projects within the organization, which is not what you want.