Topic 1 Question 11
Your organization operates in a highly regulated industry. Separation of concerns (SoC) and security principle of least privilege (PoLP) are critical. The operations team consists of: Person A is a database administrator. Person B is an analyst who generates metric reports. Application C is responsible for automatic backups. You need to assign roles to team members for Cloud Spanner. Which roles should you assign?
roles/spanner.databaseAdmin for Person A roles/spanner.databaseReader for Person B roles/spanner.backupWriter for Application C
roles/spanner.databaseAdmin for Person A roles/spanner.databaseReader for Person B roles/spanner.backupAdmin for Application C
roles/spanner.databaseAdmin for Person A roles/spanner.databaseUser for Person B roles/spanner databaseReader for Application C
roles/spanner.databaseAdmin for Person A roles/spanner.databaseUser for Person B roles/spanner.backupWriter for Application C
ユーザの投票
コメント(7)
- 正解だと思う選択肢: A
B and C are obviously wrong because application only needs backupWriter permissions. D is wrong because roles/spanner.databaseUser contains write permissions, and we don't need that.
👍 3chelbsik2022/12/24 - 正解だと思う選択肢: A
A is the correct answer. Cloud Spanner Backup Writer This role is intended to be used by scripts that automate backup creation. A principal with this role can create backups, but cannot update or delete them. Lowest-level resource
👍 2GCP722022/12/23 A: roles/spanner.databaseAdmin for Person A roles/spanner.databaseReader for Person B roles/spanner.backupWriter for Application C
👍 2pk3492022/12/25
シャッフルモード