Google Professional Cloud DevOps Engineer

Get started today

Ultimate access to all questions.

Explanation:

The principle of least privilege means granting only the permissions necessary to perform a task. For developers needing to commit code to a specific repository, granting the Source Repository Writer role at the repo level is the correct approach. This allows them to list, clone, fetch, and update repositories in the dev project without unnecessary access to other repositories or admin privileges.

Option A is incorrect because the Reader role doesn't permit code commits.
Options C and D are too permissive, granting admin access that violates least privilege by allowing changes to all repositories in the project or at the repo level unnecessarily.

Reference: Google Cloud Source Repositories Access Control

Explanation:

Option A is incorrect because the Reader role doesn't permit code commits.
Options C and D are too permissive, granting admin access that violates least privilege by allowing changes to all repositories in the project or at the repo level unnecessarily.

Reference: Google Cloud Source Repositories Access Control

Comments (0)

No comments yet.

Your company has deployed all its Cloud Source Repositories in a separate GCP Project. You need to grant developers in the dev Project access to commit code to the dev repository in that Project, following Google’s best practice of least privilege. How would you do this?

Real Exam

Grant the developers the Source Repository Reader role at project level

0.0%

Grant the developers the Source Repository Writer role at repo level

100.0%

Grant the developers the Source Repository Admin role at project level

Grant the developers the Source Repository Admin role at repo level