0
0
GCPcloud~5 mins

Service account keys management in GCP - Cheat Sheet & Quick Revision

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Recall & Review
beginner
What is a service account key in Google Cloud?
A service account key is a special credential file that allows applications or users to authenticate as a service account to access Google Cloud resources securely.
Click to reveal answer
intermediate
Why should you avoid long-lived service account keys?
Long-lived keys increase the risk of unauthorized access if the key is leaked. It's best to rotate keys regularly and delete unused keys to keep your environment secure.
Click to reveal answer
intermediate
How can you rotate a service account key safely?
Create a new key, update your applications to use the new key, then delete the old key once the new key is confirmed working.
Click to reveal answer
advanced
What is the recommended way to manage service account keys instead of downloading them?
Use Workload Identity Federation or Google Cloud IAM roles with short-lived tokens to avoid managing long-lived keys.
Click to reveal answer
beginner
Where can you manage service account keys in Google Cloud Console?
In the Google Cloud Console, go to IAM & Admin > Service Accounts, select the service account, then go to the Keys tab to create, view, or delete keys.
Click to reveal answer
What is the main risk of keeping service account keys for a long time?
AThey can be leaked and used by attackers
BThey expire automatically
CThey slow down your application
DThey increase your billing costs
Which of the following is a best practice for service account key management?
AShare keys via email
BUse the same key for all projects
CRotate keys regularly
DNever delete old keys
Where do you find the option to create a new service account key in Google Cloud Console?
ACompute Engine > VM Instances
BIAM & Admin > Service Accounts > Keys tab
CCloud Storage > Buckets
DBilling > Payment Settings
What is a safer alternative to using service account keys for authentication?
ADisabling authentication
BUsing user passwords
CSharing keys publicly
DWorkload Identity Federation
What should you do after creating a new service account key for rotation?
ADelete the old key after updating applications
BKeep both keys active forever
CShare the key with everyone
DIgnore the new key
Explain the steps to safely rotate a service account key in Google Cloud.
Think about how to avoid downtime and security risks.
You got /3 concepts.
    Describe why managing service account keys properly is important for cloud security.
    Consider what happens if keys fall into the wrong hands.
    You got /4 concepts.