Answer-first summary for fast verification
Answer: Grant the Monitoring Editor role to the team in the Project intended for the monitoring workspace.
The Monitoring Editor role provides the necessary permissions without being overly permissive, aligning with the principle of least privilege. The Project Editor and Project Owner roles lack the specific permissions required for workspace creation, while the Monitoring Admin role, though capable, exceeds the necessary permissions, violating the least privilege principle. For more details, refer to the Metrics scopes overview.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your company manages multiple Google Cloud projects under a single organization. As part of enhancing the monitoring strategy, these projects are to be integrated into designated workspaces. Your team is responsible for setting up these workspaces. Adhering to the principle of least privilege, which IAM role should your team be granted to successfully create these workspaces?
A
Grant the Project Editor role to the team in the Project intended for the monitoring workspace.
B
Grant the Monitoring Admin role to the team in the Project intended for the monitoring workspace.
C
Grant the Project Owner role to the team in the Project intended for the monitoring workspace.
D
Grant the Monitoring Editor role to the team in the Project intended for the monitoring workspace.