Topic 1 Question 80

Associate Cloud Engineer

Topic 1 Question 80
You want to add a new auditor to a Google Cloud Platform project. The auditor should be allowed to read, but not modify, all project items. How should you configure the auditor's permissions?
- Create a custom role with view-only project permissions. Add the user's account to the custom role.
- Create a custom role with view-only service permissions. Add the user's account to the custom role.
- Select the built-in IAM project Viewer role. Add the user's account to this role.
- Select the built-in IAM service Viewer role. Add the user's account to this role.
解説
Reference: https://cloud.google.com/resource-manager/docs/access-control-proj

ユーザの投票
コメント(17)
- C is correct roles/Viewer role provides access to all resources under the projects but do not alter the state of these resources
  
  👍 39
  cloudenthu012020/06/25
- C. Select the built-in IAM project Viewer role. Add the user's account to this role.
  
  👍 13
  glam2020/10/11
- 正解だと思う選択肢: C
  Go for C.
  
  The debate is between A and C. From auditor accessibility perspective they are the same, but from practical perspective C is the only option. For people who vote for A, you must never work with auditors in an enterprise level project. There are hundred if not thousands of permission you need to set one by one if you create custom role by yourself. And they will come to you and ask for permission every single day. And this is an "there's no alternative" situation where using Basic role is practical.
  
  👍 4
  Jelly_Wang2023/04/14
シャッフルモード

解説

ユーザの投票

コメント(17)