You have a pool of application servers running on Compute Engine. You need to provide a secure solution that requires the least amount of configuration and allows developers to easily access application logs for troubleshooting. How would you implement the solution on GCP?
A. Deploy the Stackdriver logging agent to the application servers. Give the developers the IAM Logs Viewer role to access Stackdriver and view logs.
B. Deploy the Stackdriver logging agent to the application servers. Give the developers the IAM Logs Private Logs Viewer role to access Stackdriver and view logs.
C. Deploy the Stackdriver monitoring agent to the application servers. Give the developers the IAM Monitoring Viewer role to access Stackdriver and view metrics.
D. Install the gsutil command line tool on your application servers. Write a script using gsutil to upload your application log to a Cloud Storage bucket, and then schedule it to run via cron every 5 minutes. Give the developers the IAM Object Viewer access to view the logs in the specified bucket.
Disclaimer
This is a practice question. There is no guarantee of coming this question in the certification exam.
Answer
A
Explanation
Why is option A the answer?
The role roles/logging. Viewer (Logs Viewer) gives you read-only access to all features of Logging, except Access Transparency logs and Data Access audit logs.
As option B, the privateLogViewer gives extra access to Data Access Logs that’s is not required.
Option C is the monitoring role.
Option D is not relevant.
A. Deploy the Stackdriver logging agent to the application servers. Give the developers the IAM Logs Viewer role to access Stackdriver and view logs.
B. Deploy the Stackdriver logging agent to the application servers. Give the developers the IAM Logs Private Logs Viewer role to access Stackdriver and view logs.
C. Deploy the Stackdriver monitoring agent to the application servers. Give the developers the IAM Monitoring Viewer role to access Stackdriver and view metrics.
D. Install the gsutil command line tool on your application servers. Write a script using gsutil to upload your application log to a Cloud Storage bucket, and then schedule it to run via cron every 5 minutes. Give the developers the IAM Object Viewer access to view the logs in the specified bucket.