Google Associate Cloud Engineer

Get started today

Ultimate access to all questions.

Explanation:

The correct answer is A because the user only needs to query the data, which requires the ability to view the dataset and run queries. This is provided by roles/bigquery.dataViewer and roles/bigquery.jobUser, aligning with the principle of least privilege.

Option B is incorrect as roles/bigquery.dataEditor grants more privileges than necessary.
Option C is incorrect because roles/bigquery.user includes permissions beyond what's needed for querying.
Option D is incorrect as roles/bigquery.dataOwner provides excessive privileges for the task at hand.

Refer to the GCP documentation on BigQuery Access Control for more details.

Explanation:

Option B is incorrect as roles/bigquery.dataEditor grants more privileges than necessary.
Option C is incorrect because roles/bigquery.user includes permissions beyond what's needed for querying.
Option D is incorrect as roles/bigquery.dataOwner provides excessive privileges for the task at hand.

Refer to the GCP documentation on BigQuery Access Control for more details.

Comments (0)

No comments yet.

You've been tasked with granting a new IAM member the necessary permissions to run queries on BigQuery, adhering to the principle of least privilege. Which role combination should you assign?

Real Exam

roles/bigquery.dataViewer and roles/bigquery.jobUser

56.3%

roles/bigquery.dataEditor and roles/bigquery.jobUser

25.0%

roles/bigquery.dataViewer and roles/bigquery.user

18.8%

roles/bigquery.dataOwner and roles/bigquery.jobUser