
Answer-first summary for fast verification
Answer: roles/storage.objectAdmin
The principle of least privilege suggests granting only the permissions necessary to perform a task. For managing files and buckets in Cloud Storage:

- **roles/storage.objectCreator** allows creating objects but not managing them.
- **roles/storage.admin** provides full control over Cloud Storage, which is more than needed.
- **roles/storage.objectAdmin** offers the right balance, allowing management of objects without broader project permissions.
- **roles/owner** grants full project control, far exceeding the required permissions.

Thus, **roles/storage.objectAdmin** is the most suitable role for this scenario.
Author: LeetQuiz Editorial Team
To adhere to the principle of least privilege, which Google Cloud Storage role should be assigned to team members who need to manage files and buckets, without granting unnecessary permissions?
A. roles/storage.objectCreator
B. roles/storage.admin
C. roles/storage.objectAdmin
D. roles/owner