GCP Service Account Impersonation Language Collocations
Practise the standard verbs for managing GCP service account impersonation safely.
0 / 5 completed
1 / 5
Fill in: 'We ___ short-lived impersonation tokens to a human operator for a one-off task, rather than handing out a service account's own long-lived key file.'
We 'grant a token' — the standard, established collocation for allowing temporary impersonation of a service account. The other options aren't the recognised term here.
2 / 5
Fill in: 'Distributing a service account's raw key file instead of using impersonation can ___ a long-lived credential floating around on laptops with no expiry at all.'
We say key distribution will 'leave' a long-lived credential exposed — the standard, natural collocation for the resulting risk. The other options aren't idiomatic here.
3 / 5
Fill in: 'We ___ the impersonation permission to the exact service account and role needed for one task, rather than granting broad access that outlives the task itself.'
We 'scope a permission' — the standard, simple collocation for narrowing a grant to only what's required. The other options are less idiomatic here.
4 / 5
Fill in: 'We ___ impersonation grants across every project quarterly, so a permission given for a task finished months ago doesn't quietly persist unnoticed.'
We 'audit' grants — the standard, simple collocation for periodically reviewing who can impersonate what. The other options are less idiomatic here.
5 / 5
Fill in: 'We ___ an impersonation grant the moment a contractor's engagement ends, rather than leaving a still-valid permission attached to an account nobody's watching.'
We 'revoke a grant' — the standard, established collocation for removing a permission once it's no longer needed. The other options aren't the recognised term here.