Answer-first summary for fast verification
Answer: Grant the developers the Source Repository Writer role at repo level
The principle of least privilege means granting only the permissions necessary to perform a task. For developers needing to commit code to a specific repository, granting the **Source Repository Writer role at the repo level** is the correct approach. This allows them to list, clone, fetch, and update repositories in the dev project without unnecessary access to other repositories or admin privileges. - **Option A** is incorrect because the Reader role doesn't permit code commits. - **Options C and D** are too permissive, granting admin access that violates least privilege by allowing changes to all repositories in the project or at the repo level unnecessarily. Reference: [Google Cloud Source Repositories Access Control](https://cloud.google.com/source-repositories/docs/configure-access-control#roles_and_permissions_matrix)
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your company has deployed all its Cloud Source Repositories in a separate GCP Project. You need to grant developers in the dev Project access to commit code to the dev repository in that Project, following Google’s best practice of least privilege. How would you do this?
A
Grant the developers the Source Repository Reader role at project level
B
Grant the developers the Source Repository Writer role at repo level
C
Grant the developers the Source Repository Admin role at project level
D
Grant the developers the Source Repository Admin role at repo level
No comments yet.