Google Associate Cloud Engineer
Get started today
Ultimate access to all questions.
Ultimate access to all questions.
During a recent audit of your current Google Cloud resources, you identified the presence of several users whose email addresses are not part of your established Google Workspace domain. To uphold security and governance standards, it is crucial to ensure that access to your resources is limited strictly to users with email addresses within your domain. Therefore, you need to remove any users whose email addresses do not align with your domain, and you seek a solution that circumvents the need for manually auditing resources to pinpoint these mismatched users. What action should you take?
Explanation:
The correct answer is D. The organizational policy constraint to limit identities by domain can be used to ensure that only users with email addresses matching your domain can access resources. However, this policy is not retroactive, meaning it will not automatically remove existing mismatched users. You will need to retroactively remove the existing mismatched users after setting the policy. This approach ensures ongoing compliance without requiring continuous manual audits.