Answer-first summary for fast verification
Answer: Add the auditors group to the 'logging.viewer' and 'bigQuery.dataViewer' predefined IAM roles.
Option A is the correct answer. According to Google-recommended best practices, it is advised to add users to a group and then assign the group the required predefined IAM roles, such as 'logging.viewer' and 'bigQuery.dataViewer.' This approach provides easier management and scalability compared to assigning individual user accounts. Furthermore, predefined roles are recommended over custom roles unless there is a specific requirement not covered by predefined roles.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
In order to provide external auditors with appropriate access while adhering to Google-recommended practices for auditing, you need to set up IAM (Identity and Access Management) access audit logging in BigQuery. What steps should you take to achieve this configuration?
A
Add the auditors group to the 'logging.viewer' and 'bigQuery.dataViewer' predefined IAM roles.
B
Add the auditors group to two new custom IAM roles.
C
Add the auditor user accounts to the 'logging.viewer' and 'bigQuery.dataViewer' predefined IAM roles.
D
Add the auditor user accounts to two new custom IAM roles.
No comments yet.