Answer-first summary for fast verification
Answer: Create a service account (SA) in the legacy game's Google Cloud project, add this SA in the new game's IAM page, and then give it the Firebase Admin role in both projects.
The correct answer is C. To give programmatic access to the legacy game's Firestore database from the new game while keeping access as restricted as possible, you should create a service account (SA) in the legacy game's Google Cloud project. Then, add this service account in the new game's IAM page and give it the Firebase Admin role in both projects. This approach restricts access only to the required roles and avoids giving broader permissions, such as Organization Admin, which would be excessive and not security best practice. Additionally, migrating the new game to the legacy game's project (Option D) is not advisable because it goes against the best practice of having separate projects for different environments.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Mountkirk Games is creating a new multi-platform game and has existing legacy games that were migrated to Google Cloud. They want to give programmatic access to the legacy game's Firestore database from the new game, with access as restricted as possible. What should you do to achieve this?
A
Create a service account (SA) in the legacy game's Google Cloud project, add a second SA in the new game's IAM page, and then give the Organization Admin role to both SAs.
B
Create a service account (SA) in the legacy game's Google Cloud project, give the SA the Organization Admin role, and then give it the Firebase Admin role in both projects.
C
Create a service account (SA) in the legacy game's Google Cloud project, add this SA in the new game's IAM page, and then give it the Firebase Admin role in both projects.
D
Create a service account (SA) in the legacy game's Google Cloud project, give it the Firebase Admin role, and then migrate the new game to the legacy game's project.
No comments yet.