Bird
Raised Fist0
GCPcloud~20 mins

Configuration properties in GCP - Practice Problems & Coding Challenges

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Challenge - 5 Problems
🎖️
Cloud Configuration Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
Configuration
intermediate
2:00remaining
Identify the correct GCP configuration for enabling Stackdriver logging on a Compute Engine VM

You want to enable Stackdriver logging on a Google Compute Engine VM instance using the metadata server. Which configuration property must be set correctly?

ASet the metadata key 'enable-stackdriver-logging' to 'true' on the VM instance
BSet the metadata key 'google-logging-enabled' to 'TRUE' on the VM instance
CSet the metadata key 'logging.googleapis.com/enable' to 'true' on the VM instance
DSet the metadata key 'enable-oslogin' to 'TRUE' on the VM instance
Attempts:
2 left
💡 Hint

Think about the exact metadata key that controls Stackdriver logging on VM instances.

Architecture
intermediate
2:00remaining
Choose the correct configuration to restrict Cloud Storage bucket access to a specific VPC network

You want to configure a Cloud Storage bucket so that only resources inside a specific VPC network can access it. Which configuration property should you use?

AEnable the bucket's 'publicAccessPrevention' property to 'enforced'
BConfigure a VPC Service Controls perimeter including the bucket and the VPC network
CSet the bucket's IAM policy to include the VPC network as a member
DSet the bucket's 'networkConfig' property to the VPC network's name
Attempts:
2 left
💡 Hint

Think about how Google Cloud restricts access between services and networks.

security
advanced
2:00remaining
Determine the effect of setting 'publicAccessPrevention' to 'enforced' on a Cloud Storage bucket

What is the result of setting the 'publicAccessPrevention' property to 'enforced' on a Cloud Storage bucket?

AThe bucket allows public access only if the 'allUsers' member is added to IAM
BOnly users with the 'Storage Object Viewer' role can access the bucket publicly
CThe bucket becomes publicly accessible to anyone on the internet
DAll public access to the bucket is blocked regardless of IAM policies
Attempts:
2 left
💡 Hint

Consider what 'publicAccessPrevention' means for public permissions.

service_behavior
advanced
2:00remaining
Predict the behavior when setting 'autoscalingPolicy' minInstances higher than maxInstances in Cloud Run

In Cloud Run, what happens if you configure the autoscaling policy with 'minInstances' set to 5 and 'maxInstances' set to 3?

ACloud Run will throw a configuration error and reject the deployment
BCloud Run will set both 'minInstances' and 'maxInstances' to 5 automatically
CCloud Run will autoscale between 3 and 5 instances dynamically
DCloud Run will ignore the 'minInstances' and use 'maxInstances' as 3
Attempts:
2 left
💡 Hint

Think about valid ranges for autoscaling configuration.

Best Practice
expert
3:00remaining
Select the best configuration property to enforce encryption with customer-managed keys (CMEK) on all BigQuery datasets in a project

You want to enforce that all BigQuery datasets in your project use customer-managed encryption keys (CMEK) by default. Which configuration approach achieves this best?

AEnable CMEK enforcement via an Organization Policy constraint for BigQuery datasets
BSet the project-level default encryption key property to the CMEK key resource name
CManually specify the CMEK key in each dataset's encryption configuration
DConfigure a Cloud IAM role that requires CMEK usage on BigQuery datasets
Attempts:
2 left
💡 Hint

Consider how to enforce policies across all datasets automatically.

Practice

(1/5)
1. What is the purpose of configuration properties in Google Cloud Platform (GCP)?
easy
A. To define settings that control how cloud resources behave
B. To write application code for cloud functions
C. To store user data in databases
D. To monitor network traffic in real-time

Solution

  1. Step 1: Understand configuration properties

    Configuration properties are settings that control the behavior of cloud resources like virtual machines, storage, or services.

  2. Step 2: Differentiate from other cloud tasks

    Writing code, storing data, or monitoring traffic are different tasks not directly related to configuration properties.

  3. Final Answer:

    To define settings that control how cloud resources behave -> Option A

  4. Quick Check:

    Configuration properties = settings control behavior [OK]
Hint: Think of configuration as setting rules for cloud resources [OK]
Common Mistakes:
  • Confusing configuration with coding
  • Mixing configuration with data storage
  • Assuming configuration monitors traffic
2. Which of the following is the correct way to specify a configuration property in a GCP YAML deployment file?
easy
A. config: instanceType = n1-standard-1
B. properties: instanceType: n1-standard-1
C. settings: instanceType: 'n1-standard-1'
D. parameters: instanceType -> n1-standard-1

Solution

  1. Step 1: Identify correct YAML syntax for properties

    In GCP deployment manager, configuration properties are under 'properties:' with key-value pairs using colon and indentation.

  2. Step 2: Check each option's syntax

    properties: instanceType: n1-standard-1 uses 'properties:' and colon syntax correctly. Options B, C, and D use incorrect keys or invalid syntax like '=' or '->'.

  3. Final Answer:

    properties: instanceType: n1-standard-1 -> Option B

  4. Quick Check:

    YAML properties use colon and indentation [OK]
Hint: YAML uses colon and indentation for key-value pairs [OK]
Common Mistakes:
  • Using '=' instead of ':' in YAML
  • Wrong top-level key like 'config' or 'settings'
  • Using symbols like '->' which are invalid in YAML
3. Given this snippet of a GCP deployment YAML: 
resources:
- name: my-vm
  type: compute.v1.instance
  properties:
    zone: us-central1-a
    machineType: zones/us-central1-a/machineTypes/n1-standard-1
    disks:
    - deviceName: boot
      type: PERSISTENT
      boot: true
      autoDelete: true
      initializeParams:
        sourceImage: projects/debian-cloud/global/images/family/debian-10
What is the machine type configured for the VM?
medium
A. n1-standard-1
B. us-central1-a
C. debian-10
D. PERSISTENT

Solution

  1. Step 1: Locate machineType property

    The machineType is set under properties as 'zones/us-central1-a/machineTypes/n1-standard-1'. The last part after the last slash is the machine type.

  2. Step 2: Extract machine type value

    The machine type is 'n1-standard-1', which defines the VM size and resources.

  3. Final Answer:

    n1-standard-1 -> Option A

  4. Quick Check:

    Machine type is the last part of the path [OK]
Hint: Machine type is the last segment in the machineTypes path [OK]
Common Mistakes:
  • Confusing zone with machine type
  • Picking image name as machine type
  • Selecting disk type as machine type
4. You have this GCP deployment YAML snippet: 
resources:
- name: my-storage
  type: storage.v1.bucket
  properties:
    location: us-east1
    storageClass: STANDARD
    versioning:
      enabled: true
    accessControl:
      - entity: allUsers
        role: READER
What is the error in this configuration?
medium
A. location must be a zone, not a region
B. versioning.enabled must be false for public buckets
C. accessControl should be acl
D. storageClass must be lowercase

Solution

  1. Step 1: Check property names for storage bucket

    The correct property for access control in GCP storage buckets is 'acl', not 'accessControl'.

  2. Step 2: Validate other properties

    Versioning can be true or false regardless of public access. StorageClass is case-insensitive but usually uppercase is accepted. Location is a region, which is correct.

  3. Final Answer:

    accessControl should be acl -> Option C

  4. Quick Check:

    Property names must match GCP specs exactly [OK]
Hint: Check exact property names in GCP docs [OK]
Common Mistakes:
  • Using incorrect property name 'accessControl' instead of 'acl'
  • Assuming versioning must be false for public buckets
  • Confusing region and zone names
5. You want to configure a GCP Compute Engine instance with a startup script and custom metadata. Which configuration properties should you use in your deployment YAML to achieve this?
hard
A. startupScript: | #!/bin/bash echo Hello World
B. scripts: startup: '#!/bin/bash\necho Hello World'
C. customMetadata: startup-script: '#!/bin/bash\necho Hello World'
D. metadata: items: - key: startup-script value: |- #!/bin/bash echo Hello World

Solution

  1. Step 1: Identify correct metadata property for startup scripts

    GCP Compute Engine uses 'metadata' with 'items' list containing key-value pairs for custom metadata like 'startup-script'.

  2. Step 2: Verify syntax for multiline script

    Using '|-' in YAML allows multiline script values correctly under 'value'. Other options use incorrect property names or formats.

  3. Final Answer:

    metadata: items: - key: startup-script value: |- #!/bin/bash echo Hello World -> Option D

  4. Quick Check:

    Use metadata.items with key startup-script [OK]
Hint: Startup scripts go under metadata.items with key 'startup-script' [OK]
Common Mistakes:
  • Using wrong property names like startupScript or scripts
  • Not formatting multiline scripts properly in YAML
  • Placing script outside metadata block