Google Certified Associate Cloud Engineer 2020
  1. Rooms
  2. Google Certified Associate Cloud Engineer 2020

Sign Up Free or Log In to participate!

Why not use READ WRITE?

Default scopes to storage in instances or instances templates is READ ONLY, and teacher sets these to WRITE ONLY. Why? Why not READ WRITE?

1 Answers

The startup script that is attached to the instance will create a txt file and write it to storage bucket. So the GCE instance needs WRITE permission. There is no other use case where the instance needs to read the files in storage bucket, so WRITE ONLY is sufficient and agrees with least privilege principle.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Don't have an account?

Get Started
Who’s going to be learning?
MyselfMy Organization