Answer-first summary for fast verification
Answer: Storage Admin
The **Storage Admin** role is the correct choice because it provides the necessary permissions to create and manage Cloud Storage buckets and files, adhering to the principle of least privilege. This role ensures your colleagues can perform their required tasks without granting excessive permissions. The **Project Editor** role is too broad, granting unnecessary access across all GCP services. The **Storage Object Admin** and **Storage Object Creator** roles are insufficient as they do not provide permissions to manage buckets or, in the case of the Creator role, to manage existing objects. For more details, refer to [Google Cloud's IAM roles documentation](https://cloud.google.com/storage/docs/access-control/iam-roles).
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
As a new member of the Operations and Access Governance team at a large organization, you've received a request from a team needing access to manage buckets and files in Cloud Storage within a GCP project you oversee. Which IAM roles would be most appropriate to grant your colleagues for this purpose?
A
Storage Object Creator
B
Project Editor
C
Storage Admin
D
Storage Object Admin
No comments yet.