Answer-first summary for fast verification
Answer: • Add all developers to a Google group in Cloud Identity. • Create a custom role with Compute Engine, Cloud Functions, and Cloud SQL permissions at the Google Cloud organization level. • Assign the custom role to the Google group.
Option D is the correct answer. It combines the security of a custom role tailored to the company's policy with the ease of management provided by organization-level assignment to a Cloud Identity group. By creating a custom role with the required permissions (Compute Engine, Cloud Functions, and Cloud SQL) at the organization level and assigning this custom role to a Google group in Cloud Identity, you ensure consistent permissions for all developers with minimal administrative effort. Additionally, applying roles at the organization level ensures that permissions are inherited across all projects within the organization.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your company mandates that all developers must have identical permissions across various Google Cloud projects. In addition, the company's security policy restricts developer permissions solely to Compute Engine, Cloud Functions, and Cloud SQL. You are tasked with implementing this security policy efficiently with minimal effort. What actions should you take to achieve this?
A
• Create a custom role with Compute Engine, Cloud Functions, and Cloud SQL permissions in one project within the Google Cloud organization. • Copy the role across all projects created within the organization with the gcloud iam roles copy command. • Assign the role to developers in those projects.
B
• Add all developers to a Google group in Google Groups for Workspace. • Assign the predefined role of Compute Admin to the Google group at the Google Cloud organization level.
C
• Add all developers to a Google group in Cloud Identity. • Assign predefined roles for Compute Engine, Cloud Functions, and Cloud SQL permissions to the Google group for each project in the Google Cloud organization.
D
• Add all developers to a Google group in Cloud Identity. • Create a custom role with Compute Engine, Cloud Functions, and Cloud SQL permissions at the Google Cloud organization level. • Assign the custom role to the Google group.