Answer-first summary for fast verification
Answer: roles/storage.objectCreator
The correct answer is **B (roles/storage.objectCreator)** because it allows users to create objects in Cloud Storage buckets without the ability to view, delete, or overwrite existing objects, aligning with the principle of least privilege. - **Option A (roles/storage.objectViewer)** is incorrect as it only permits viewing objects, not creating them. - **Options C (roles/storage.objectAdmin)** and **D (roles/storage.admin)** are incorrect because they grant more permissions than necessary for the task of uploading objects.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
To adhere to the principle of least privilege, which role should be assigned to team members for uploading objects to Cloud Storage buckets without granting unnecessary permissions?
A
roles/storage.objectViewer
B
roles/storage.objectCreator
C
roles/storage.objectAdmin
D
roles/storage.admin
No comments yet.