Google Associate Cloud Engineer

Get started today

Ultimate access to all questions.

Explanation:

The correct answer is B (roles/storage.admin) because it grants team members full control over buckets and objects, but only within the specified bucket when applied individually. This aligns with the principle of least privilege by not granting unnecessary permissions.

A (roles/storage.objectCreator) and D (roles/storage.objectAdmin) are incorrect as they do not provide sufficient privileges for bucket management.
C (roles/owner) is incorrect as it offers more privileges than needed, violating the principle of least privilege.

For more details, refer to the GCP documentation on Cloud Storage IAM Roles.

Explanation:

A (roles/storage.objectCreator) and D (roles/storage.objectAdmin) are incorrect as they do not provide sufficient privileges for bucket management.
C (roles/owner) is incorrect as it offers more privileges than needed, violating the principle of least privilege.

For more details, refer to the GCP documentation on Cloud Storage IAM Roles.

Comments (0)

No comments yet.

To adhere to the principle of least privilege, which role should be assigned to team members for managing files and buckets in Cloud Storage?

Real Exam

roles/storage.objectCreator

20.0%

roles/storage.admin

60.0%

roles/owner

roles/storage.objectAdmin

20.0%