🔥 3-day streak
Professional Cloud Security Engineer149 / 152
Question 149 of 152
A financial services company runs a compliance workflow on Compute Engine VMs. Auditors flag that the default Compute Engine service account is attached to every VM and holds the Editor role at the project level. The security team wants each application to run with only the specific permissions it needs, and they want to eliminate the risk associated with the broad default account without breaking existing workloads during migration. What is the recommended sequence of actions to achieve least privilege?
Reviewed for accuracy · Report an issueNext question