Topic 1 Question 293
Your organization has hired a small, temporary partner team for 18 months. The temporary team will work alongside your DevOps team to develop your organization's application that is hosted on Google Cloud. You must give the temporary partner team access to your application's resources on Google Cloud and ensure that partner employees lose access. If they are removed from their employer's organization. What should you do?
Create a temporary username and password for the temporary partner team members. Auto-clean the usernames and passwords after the work engagement has ended.
Create a workforce identity pool and federate the identity pool with the identity provider (IdP) of the temporary partner team.
Implement just-in-time privileged access to Google Cloud for the temporary partner team.
Add the identities of the temporary partner team members to your identity provider (IdP).
ユーザの投票
コメント(3)
I think it's B.
👍 4yokoyan2024/09/05- 正解だと思う選択肢: B
Answer is B
👍 1MoAk2024/11/22 - 正解だと思う選択��肢: B
b: https://cloud.google.com/iam/docs/workforce-identity-federation https://cloud.google.com/iam/docs/temporary-elevated-access
One way to protect sensitive resources is to limit access to them. However, limiting access to sensitive resources also creates friction for anyone who occasionally needs to access those resources. For example, a user might need break-glass, or emergency, access to sensitive resources to resolve an incident.
In these situations, we recommend giving the user permission to access the resource temporarily. We also recommend that, to improve auditing, you record the user's justification for accessing the resource.
👍 1Pime132024/12/09
シャッフルモード