Google Professional Data Engineer
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
As your organization expands its usage of Google Cloud Platform (GCP), various teams have begun to create their own projects. These projects are further subdivided to cater to different deployment stages and target audiences. Each project necessitates distinct access control configurations. The central IT team is required to have access to all projects. Additionally, data from Cloud Storage buckets and BigQuery datasets must be shared across projects on an ad hoc basis. To simplify access control management and minimize the number of policies, which two steps should you take? (Choose two.)
A
Use Cloud Deployment Manager to automate access provision.
B
Introduce resource hierarchy to leverage access control policy inheritance.
C
Create distinct groups for various teams, and specify groups in Cloud IAM policies.
D
Only use service accounts when sharing data for Cloud Storage buckets and BigQuery datasets.
E
For each Cloud Storage bucket or BigQuery dataset, decide which projects need access. Find all the active members who have access to these projects, and create a Cloud IAM policy to grant access to all these users.