Google Professional Cloud Network Engineer
Get started today
Ultimate access to all questions.
You need to modify firewall rules in a shared VPC but currently only have Network Admin permissions, which are insufficient. Following the principle of least privilege, what specific IAM role or permission should you request to perform this task?
You need to modify firewall rules in a shared VPC but currently only have Network Admin permissions, which are insufficient. Following the principle of least privilege, what specific IAM role or permission should you request to perform this task?
Explanation:
To update firewall rules in a shared VPC, the least privilege necessary is the Security Admin role, which specifically allows for the management of firewall rules without granting broader permissions. The Network Admin role does not include permissions to modify firewall rules. Therefore, requesting Security Admin privileges from the Shared VPC Admin is the correct approach, as it adheres to the principle of least privilege by providing only the necessary permissions for the task at hand.