Answer-first summary for fast verification
Answer: Provide the Auditors Google Group with the roles/bigquery.dataViewer role.
Option C is correct because it adheres to best practices by assigning the roles/bigquery.dataViewer role to a Google Group, ensuring auditors have read-only access to the dataset. This approach minimizes maintenance by leveraging group-based role assignments and follows the principle of least privilege. Option A is incorrect due to the unnecessary complexity of creating custom roles for each auditor. Option B is incorrect as the roles/viewer role is overly permissive and doesn't specifically allow the required BigQuery access. Option D is incorrect because assigning roles to individuals increases maintenance efforts.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
As part of migrating your organization's accounting software from on-premises to Google Cloud, you've chosen BigQuery for financial transaction monitoring. Auditors need to view data and run reports in BigQuery without the ability to perform transactions. What is the simplest solution for this scenario with minimal maintenance?
A
Assign a custom role to each auditor with view-only access to BigQuery.
B
Grant the Auditors Google Group the roles/viewer role.
C
Provide the Auditors Google Group with the roles/bigquery.dataViewer role.
D
Assign the roles/bigquery.dataViewer role to individual auditors.
No comments yet.