Service Accounts — Google Cloud Professional Cloud Architect Practice Questions
Service accounts are special GCP identities assigned to workloads (VMs, Cloud Functions, GKE pods, pipelines) rather than to human users, enabling applications to authenticate to Google APIs using managed credentials. The Professional Cloud Architect exam tests least-privilege assignment of IAM roles to service accounts, the risks of the default service account pattern, and controls such as disabling service account key creation at the org level. Architects must also understand service account impersonation and when to use it versus direct role binding.
Free questions on service accounts
You need to authenticate applications between GCP services without storing credentials. What should you use?
Free question · medium · full answer + explanation
More service accounts questions in the full bank
- Your organization needs to implement multi-factor authentication across cloud resources. What is required? Unlock answer & explanation →
- You need to implement role-based access with service accounts for application authentication. What is the setup? Unlock answer & explanation →
- How does Workload Identity prevent credential exposure? Unlock answer & explanation →