Complete the code to create a firewall rule that allows HTTP traffic.
gcloud compute firewall-rules create allow-http --allow [1]The firewall rule must allow TCP traffic on port 80 for HTTP.
Complete the code to enable encryption for a Cloud Storage bucket.
gsutil kms encryption -k [1] gs://my-secure-bucketThe key must be in the correct location and key ring for your project. Here, the US location is used as an example.
Fix the error in the IAM policy binding to grant a user the Storage Object Viewer role.
gcloud projects add-iam-policy-binding my-project --member='user:[1]' --role='roles/storage.objectViewer'
The member must be a valid email address with the 'user:' prefix.
Fill both blanks to create a service account and grant it the Compute Admin role.
gcloud iam service-accounts create [1] --display-name="[2]" gcloud projects add-iam-policy-binding my-project --member='serviceAccount:[1]@my-project.iam.gserviceaccount.com' --role='roles/compute.admin'
The service account name is 'compute-admin-sa' and the display name is 'Compute Admin Service Account'.
Fill all three blanks to create a VPC firewall rule allowing SSH and RDP from a specific IP range.
gcloud compute firewall-rules create allow-ssh-rdp --network=[1] --allow=[2] --source-ranges=[3]
The firewall rule applies to the 'default' network, allows TCP ports 22 and 3389 for SSH and RDP, and restricts access to the IP range 192.168.1.0/24.