Answer-first summary for fast verification
Answer: Security Admin privileges from the Shared VPC Admin.
To update firewall rules in a shared VPC, the least privilege necessary is the Security Admin role, which specifically allows for the management of firewall rules without granting broader permissions. The Network Admin role does not include permissions to modify firewall rules. Therefore, requesting Security Admin privileges from the Shared VPC Admin is the correct approach, as it adheres to the principle of least privilege by providing only the necessary permissions for the task at hand.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You need to modify firewall rules in a shared VPC but currently only have Network Admin permissions, which are insufficient. Following the principle of least privilege, what specific IAM role or permission should you request to perform this task?
A
Security Admin privileges from the Shared VPC Admin.
B
Service Project Admin privileges from the Shared VPC Admin.
C
Shared VPC Admin privileges from the Organization Admin.
D
Organization Admin privileges from the Organization Admin.
No comments yet.