Ultimate access to all questions.
Upgrade Now 🚀
Sign in to unlock AI tutor
You’ve been tasked with granting a new IAM member the necessary permissions to run queries on BigQuery, adhering to Google's recommended best practices and the principle of least privilege. What is the most appropriate method to assign this access?
A
Assign roles/bigquery.dataViewer and roles/bigquery.jobUser roles directly to the users
roles/bigquery.dataViewer
roles/bigquery.jobUser
B
Create a custom role combining roles/bigquery.dataViewer and roles/bigquery.jobUser roles, then assign this custom role to the users
C
Assign roles/bigquery.dataViewer and roles/bigquery.jobUser roles to a group, then add users to this group
D
Create a custom role combining roles/bigquery.dataViewer and roles/bigquery.jobUser roles, assign this custom role to a group, then add users to this group
