You've been tasked with granting a new IAM member the necessary permissions to run queries on BigQuery, adhering to the principle of least privilege. Which role combination should you assign?

Real Exam

Explanation:

The correct answer is A because the user only needs to query the data, which requires the ability to view the dataset and run queries. This is provided by roles/bigquery.dataViewer and roles/bigquery.jobUser, aligning with the principle of least privilege.

Option B is incorrect as roles/bigquery.dataEditor grants more privileges than necessary.
Option C is incorrect because roles/bigquery.user includes permissions beyond what's needed for querying.
Option D is incorrect as roles/bigquery.dataOwner provides excessive privileges for the task at hand.

Refer to the GCP documentation on BigQuery Access Control for more details.

Powered ByGPT-5

Google Associate Cloud Engineer

Get started today

Google Associate Cloud Engineer

Get started today

You've been tasked with granting a new IAM member the necessary permissions to run queries on BigQuery, adhering to the principle of least privilege. Which role combination should you assign?