Google Cloud Pub/Sub

  • Cloud Pub/Sub is a fully-managed real-time messaging service for event driven systems that allows you to send and receive messages between independent applications.

Features

  • Capable of global message routing to simplify multi-region systems.
  • Synchronous, cross-zone message replication and per-message receipt tracking ensure at-least-once delivery at any scale. Pub/Sub delivers each message at least once, so the Pub/Sub service might redeliver messages.
  • You can declare independent quota and billing for publishers and subscribers.
  • Cloud Pub/Sub doesn’t have shards or partitions. You just need to set your quota, publish, and consume.
  • IT Certification Category (English)728x90

Key Concepts

  • Topic
    • It is a named resource to which publishers send messages.
  • Subscription
    • Is a named resource representing the stream of messages from a specific topic, to be sent to the subscribing application.
  • Message
    • The combination of data and attributes that a publisher sends to a topic and is eventually sent to subscribers.
  • Message attribute
    • A key-value pair that a publisher can define for a message.

Publisher-subscriber relationships

  • A publisher application creates and sends messages to a topic.
  • Subscriber applications then create a subscription to a topic to receive messages from the topic.
  • Communication can be
    • one-to-many
    • many-to-one
    • many-to-many

Pricing

  • Pub/Sub pricing is calculated based upon monthly data volumes:
    • Message ingestion and delivery
    • Snapshots and retained acknowledged messages
  • The first 10 GB of data per month is offered free of charge.

Validate Your Knowledge

Question 1

You have an application packaged on a container that you plan to deploy on Cloud Run. The application performs some data analysis on messages from a Cloud Pub/Sub topic called order-queue. You want to follow Google-recommended practices.

What should you do?

  1. a. Build a Cloud Function that is triggered every time there is a message from a Cloud Pub/Sub topic.
    b. Invoke your application on Cloud Run from the Cloud Function on every message.

  2. a. Create a service account and use it for your Cloud Run application.
    b. On IAM Roles, grant the Pub/Sub Subscriber role to the new service account.
    c. Create a Pub/Sub subscription on the order-queue topic using the new service account.
    d. Configure the Cloud Run application to pull messages from the subscription.

  3. a. Create a service account.
    b. Associate the Cloud Run Invoker role to the service account of your Cloud Run application.
    c. Create a Cloud Pub/Sub subscription using the new service account and set the push endpoint using the service URL of your Cloud Run application.

  4. a. Use Cloud Run for Anthos to deploy your application and expose your application to the public by setting the connectivity to External.
    b. Create a Pub/Sub subscription on the order-queue topic.
    c. Deploy a new container that takes messages from Cloud Pub/Sub and sends it to your application.

Correct Answer: 2

A service account is a special kind of account used by an application or a virtual machine (VM) instance, not a person. Applications use service accounts to make authorized API calls, authorized as either the service account itself or as Google Workspace or Cloud Identity users through domain-wide delegation.

A Pub/Sub Subscriber provides access to consume messages from a subscription and to attach subscriptions to a topic. To receive messages published on a topic, you must create a subscription to that topic. Only messages published to the topic after the subscription is created are available to subscriber applications. The subscription connects the topic to a subscriber application that receives and processes messages published to the topic. A topic can have multiple subscriptions, but a given subscription belongs to a single topic.

A subscription can use either the pull or push mechanism for message delivery. You can change or configure the mechanism at any time.

In pull delivery, your subscriber application initiates requests to the Pub/Sub server to retrieve messages.

1. The subscribing application explicitly calls the pull method, which requests messages for delivery.

2. The Pub/Sub server responds with the message (or an error if the queue is empty), and an ack ID.

3. The subscriber explicitly calls the acknowledge method, using the returned ack ID to acknowledge receipt.

It is required in the scenario to let the Cloud Run application process messages from a Cloud Pub/Sub Topic.

To accomplish this, you need to have a service account that your Cloud Run application will use to make authorized API calls to the order-queue Pub/Sub topic. You also need to attach the Pub/Sub Subscriber role to the service account.

But aside from the service account, you also have to set up a Pub/Sub subscription using the service account. The subscription can either be a push or a pull delivery type.

Hence, the correct answer is:

1. Create a service account and use it for your Cloud Run application.

2. On IAM Roles, grant the Pub/Sub Subscriber role to the new service account.

3. Create a Pub/Sub subscription on the order-queue topic using the new service account.

4. Configure the Cloud Run application to pull messages from the subscription.

The following option is incorrect because there is no need to create a Cloud Function to push messages to a Cloud Run application. This can be done using push/pull subscriptions.

1. Build a Cloud Function that is triggered every time there is a message from a Cloud Pub/Sub topic.

Tutorials Dojo Study Guide and Cheatsheet

2. Invoke your application on Cloud Run from the Cloud Function on every message.

The following option is incorrect because granting the Cloud Run Invoker role to the service account will only allow the service account to call a Cloud Run application. You need to get messages from a Pub/Sub topic and not invoke a Cloud Run application:

1. Create a service account.

2. Associate the Cloud Run Invoker role to the service account of your Cloud Run application.

3. Create a Cloud Pub/Sub subscription using the new service account and set the push endpoint using the service URL of your Cloud Run application.

The following option is incorrect because you don’t need to expose your application to the Internet by setting your application’s connectivity to External since Cloud Pub/Sub messages can be accessed internally in the Google Cloud. Moreover, there is no need to create another application that takes messages from Cloud Pub/Sub and sends it to your application since this can be accomplished by a simple Pub/Sub subscription.

1. Use Cloud Run for Anthos to deploy your application and expose your application to the public by setting the connectivity to External.

2. Create a Pub/Sub subscription on the order-queue topic.

3. Deploy a new container that takes messages from Cloud Pub/Sub and sends it to your application.

References:
https://cloud.google.com/pubsub/docs/subscriber
https://cloud.google.com/iam/docs/service-accounts
https://cloud.google.com/iam/docs/understanding-roles#pub-sub-roles
https://cloud.google.com/pubsub/docs/pull

Note: This question was extracted from our Google Certified Associate Cloud Engineer Practice Exams.

For more Google Cloud practice exam questions with detailed explanations, check out the Tutorials Dojo Portal:

Google Certified Associate Cloud Engineer Practice Exams

References:
https://cloud.google.com/pubsub
https://cloud.google.com/pubsub/docs/overview

Pass your AWS, Azure, and Google Cloud Certifications with the Tutorials Dojo Portal

Tutorials Dojo portal

Our Bestselling AWS Certified Solutions Architect Associate Practice Exams

AWS Certified Solutions Architect Associate Practice Exams

Enroll Now – Our AWS Practice Exams with 95% Passing Rate

AWS Practice Exams Tutorials Dojo

Enroll Now – Our Azure Certification Exam Reviewers

azure reviewers tutorials dojo

Enroll Now – Our Google Cloud Certification Exam Reviewers

Tutorials Dojo Exam Study Guide eBooks

Tutorials Dojo Study Guide and Cheat Sheets-2

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

FREE Intro to Cloud Computing for Beginners

FREE AWS, Azure, GCP Practice Test Samplers

Browse Other Courses

Generic Category (English)300x250

Recent Posts

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers

Our Community

~98%
passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
200k+
students
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
~4.8
ratings
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?

error: Content is protected !!