- Cloud Pub/Sub is a fully-managed real-time messaging service for event driven systems that allows you to send and receive messages between independent applications.
Features
- Capable of global message routing to simplify multi-region systems.
- Synchronous, cross-zone message replication and per-message receipt tracking ensure at-least-once delivery at any scale. Pub/Sub delivers each message at least once, so the Pub/Sub service might redeliver messages.
- You can declare independent quota and billing for publishers and subscribers.
- Cloud Pub/Sub doesn’t have shards or partitions. You just need to set your quota, publish, and consume.
Key Concepts
- Topic
- It is a named resource to which publishers send messages.
- Subscription
- Is a named resource representing the stream of messages from a specific topic, to be sent to the subscribing application.
- Message
- The combination of data and attributes that a publisher sends to a topic and is eventually sent to subscribers.
- Message attribute
- A key-value pair that a publisher can define for a message.
Publisher-subscriber relationships
- A publisher application creates and sends messages to a topic.
- Subscriber applications then create a subscription to a topic to receive messages from the topic.
- Communication can be
- one-to-many
- many-to-one
- many-to-many
Pricing
- Pub/Sub pricing is calculated based upon monthly data volumes:
- Message ingestion and delivery
- Snapshots and retained acknowledged messages
- The first 10 GB of data per month is offered free of charge.
Validate Your Knowledge
Question 1
You have an application packaged on a container that you plan to deploy on Cloud Run. The application performs some data analysis on messages from a Cloud Pub/Sub topic called order-queue. You want to follow Google-recommended practices.
What should you do?
a. Build a Cloud Function that is triggered every time there is a message from a Cloud Pub/Sub topic.
b. Invoke your application on Cloud Run from the Cloud Function on every message.a. Create a service account and use it for your Cloud Run application.
b. On IAM Roles, grant the Pub/Sub Subscriber role to the new service account.
c. Create a Pub/Sub subscription on theorder-queuetopic using the new service account.
d. Configure the Cloud Run application to pull messages from the subscription.a. Create a service account.
b. Associate the Cloud Run Invoker role to the service account of your Cloud Run application.
c. Create a Cloud Pub/Sub subscription using the new service account and set the push endpoint using the service URL of your Cloud Run application.a. Use Cloud Run for Anthos to deploy your application and expose your application to the public by setting the connectivity to
External.
b. Create a Pub/Sub subscription on theorder-queuetopic.
c. Deploy a new container that takes messages from Cloud Pub/Sub and sends it to your application.
Correct Answer: 2
A service account is a special kind of account used by an application or a virtual machine (VM) instance, not a person. Applications use service accounts to make authorized API calls, authorized as either the service account itself or as Google Workspace or Cloud Identity users through domain-wide delegation.
A Pub/Sub Subscriber provides access to consume messages from a subscription and to attach subscriptions to a topic. To receive messages published on a topic, you must create a subscription to that topic. Only messages published to the topic after the subscription is created are available to subscriber applications. The subscription connects the topic to a subscriber application that receives and processes messages published to the topic. A topic can have multiple subscriptions, but a given subscription belongs to a single topic.
A subscription can use either the pull or push mechanism for message delivery. You can change or configure the mechanism at any time.
In pull delivery, your subscriber application initiates requests to the Pub/Sub server to retrieve messages.
1. The subscribing application explicitly calls the pull method, which requests messages for delivery.
2. The Pub/Sub server responds with the message (or an error if the queue is empty), and an ack ID.
3. The subscriber explicitly calls the acknowledge method, using the returned ack ID to acknowledge receipt.
It is required in the scenario to let the Cloud Run application process messages from a Cloud Pub/Sub Topic.
To accomplish this, you need to have a service account that your Cloud Run application will use to make authorized API calls to the order-queue Pub/Sub topic. You also need to attach the Pub/Sub Subscriber role to the service account.
But aside from the service account, you also have to set up a Pub/Sub subscription using the service account. The subscription can either be a push or a pull delivery type.
Hence, the correct answer is:
1. Create a service account and use it for your Cloud Run application.
2. On IAM Roles, grant the Pub/Sub Subscriber role to the new service account.
3. Create a Pub/Sub subscription on the order-queue topic using the new service account.
4. Configure the Cloud Run application to pull messages from the subscription.
The following option is incorrect because there is no need to create a Cloud Function to push messages to a Cloud Run application. This can be done using push/pull subscriptions.
1. Build a Cloud Function that is triggered every time there is a message from a Cloud Pub/Sub topic.
2. Invoke your application on Cloud Run from the Cloud Function on every message.
The following option is incorrect because granting the Cloud Run Invoker role to the service account will only allow the service account to call a Cloud Run application. You need to get messages from a Pub/Sub topic and not invoke a Cloud Run application:
1. Create a service account.
2. Associate the Cloud Run Invoker role to the service account of your Cloud Run application.
3. Create a Cloud Pub/Sub subscription using the new service account and set the push endpoint using the service URL of your Cloud Run application.
The following option is incorrect because you don’t need to expose your application to the Internet by setting your application’s connectivity to External since Cloud Pub/Sub messages can be accessed internally in the Google Cloud. Moreover, there is no need to create another application that takes messages from Cloud Pub/Sub and sends it to your application since this can be accomplished by a simple Pub/Sub subscription.
1. Use Cloud Run for Anthos to deploy your application and expose your application to the public by setting the connectivity to External.
2. Create a Pub/Sub subscription on the order-queue topic.
3. Deploy a new container that takes messages from Cloud Pub/Sub and sends it to your application.
References:
https://cloud.google.com/pubsub/docs/subscriber
https://cloud.google.com/iam/docs/service-accounts
https://cloud.google.com/iam/docs/understanding-roles#pub-sub-roles
https://cloud.google.com/pubsub/docs/pull
Note: This question was extracted from our Google Certified Associate Cloud Engineer Practice Exams.
For more Google Cloud practice exam questions with detailed explanations, check out the Tutorials Dojo Portal:
References:
https://cloud.google.com/pubsub
https://cloud.google.com/pubsub/docs/overview
Pass your AWS, Azure, and Google Cloud Certifications with the Tutorials Dojo Portal
Our Bestselling AWS Certified Solutions Architect Associate Practice Exams
Enroll Now – Our AWS Practice Exams with 95% Passing Rate
Enroll Now – Our Azure Certification Exam Reviewers
Enroll Now – Our Google Cloud Certification Exam Reviewers
Tutorials Dojo Exam Study Guide eBooks
Subscribe to our YouTube Channel
FREE Intro to Cloud Computing for Beginners
FREE AWS, Azure, GCP Practice Test Samplers
