Topic 1 Question 165
Your customer is moving their corporate applications to Google Cloud Platform. The security team wants detailed visibility of all projects in the organization. You provision the Google Cloud Resource Manager and set up yourself as the org admin. What Google Cloud Identity and Access Management (Cloud IAM) roles should you give to the security team?
Org viewer, project owner
Org viewer, project viewer
Org admin, project browser
Project owner, network admin
ユーザの投票
コメント(17)
A is not correct because Project owner is too broad. The security team does not need to be able to make changes to projects.
B is correct because:-Org viewer grants the security team permissions to view the organization's display name. -Project viewer grants the security team permissions to see the resources within projects.
C is not correct because Org admin is too broad. The security team does not need to be able to make changes to the organization.
D is not correct because Project owner is too broad. The security team does not need to be able to make changes to projects.
👍 27shandy2019/11/26B is the best answer because according to Google documentation i is best to use predefined roles and give the every team the least amount of access. (https://cloud.google.com/iam/docs/using-iam-securely) The question states the security must be able to view things, and the viewer role allows just that.
👍 12Eroc2019/10/23Very similar question was presented on 15 July 2022 exam
👍 3mahima123k2022/07/17
シャッフルモード