Answer-first summary for fast verification
Answer: Introduce resource hierarchy to leverage access control policy inheritance., Create distinct groups for various teams, and specify groups in Cloud IAM policies.
The best options to simplify access control management while minimizing the number of policies are B and C. Option B, introducing a resource hierarchy, is effective as it allows you to set IAM policies at different levels and lets resources inherit the access control policies of their parent resource. Option C, creating distinct groups for various teams and specifying groups in Cloud IAM policies, reduces the administrative complexity by assigning roles to groups instead of individual users, making the management of permissions more scalable and easier to maintain.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
As your organization expands its usage of Google Cloud Platform (GCP), various teams have begun to create their own projects. These projects are further subdivided to cater to different deployment stages and target audiences. Each project necessitates distinct access control configurations. The central IT team is required to have access to all projects. Additionally, data from Cloud Storage buckets and BigQuery datasets must be shared across projects on an ad hoc basis. To simplify access control management and minimize the number of policies, which two steps should you take? (Choose two.)
A
Use Cloud Deployment Manager to automate access provision.
B
Introduce resource hierarchy to leverage access control policy inheritance.
C
Create distinct groups for various teams, and specify groups in Cloud IAM policies.
D
Only use service accounts when sharing data for Cloud Storage buckets and BigQuery datasets.
E
For each Cloud Storage bucket or BigQuery dataset, decide which projects need access. Find all the active members who have access to these projects, and create a Cloud IAM policy to grant access to all these users.