Google Associate Cloud Engineer
Get started today
Ultimate access to all questions.
As part of migrating your organization's accounting software from on-premises to Google Cloud, you've chosen BigQuery for financial transaction monitoring. Auditors need to view data and run reports in BigQuery without the ability to perform transactions. What is the simplest solution for this scenario with minimal maintenance?
As part of migrating your organization's accounting software from on-premises to Google Cloud, you've chosen BigQuery for financial transaction monitoring. Auditors need to view data and run reports in BigQuery without the ability to perform transactions. What is the simplest solution for this scenario with minimal maintenance?
Explanation:
Option C is correct because it adheres to best practices by assigning the roles/bigquery.dataViewer role to a Google Group, ensuring auditors have read-only access to the dataset. This approach minimizes maintenance by leveraging group-based role assignments and follows the principle of least privilege. Option A is incorrect due to the unnecessary complexity of creating custom roles for each auditor. Option B is incorrect as the roles/viewer role is overly permissive and doesn't specifically allow the required BigQuery access. Option D is incorrect because assigning roles to individuals increases maintenance efforts.