Answer-first summary for fast verification
Answer: Fine-grained access controls
Fine-grained access controls are recommended by Google Cloud for managing access to Cloud Storage buckets and objects due to their granularity. This method allows for: - Assigning specific permissions to individual users or groups, ensuring only authorized access to sensitive data. - Setting permissions at both the bucket and object level, enabling control over specific files or directories. - Utilizing Cloud Identity and Access Management (IAM) for defining and managing access policies. This approach aligns with the principle of least privilege, making it the correct choice for scenarios requiring differentiated access controls. **Why other options are incorrect:** - **A. Signed URLs**: Suitable for temporary access to specific objects but not for long-term, ongoing access control. - **C. Uniform bucket-level access**: Too restrictive, offering the same access level to all users, thus not meeting the need for varied access controls. - **D. Signed policy documents**: Similar to signed URLs, these are for temporary access and not ideal for managing ongoing access for multiple users or teams.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
When setting up Cloud Storage buckets for multiple teams with varying access needs in your organization, adhering to Google Cloud's best practices is crucial. What is the recommended method to implement access controls for both objects and buckets?
A
Signed URLs
B
Fine-grained access controls
C
Uniform bucket level access
D
Signed policy documents
No comments yet.