Ultimate access to all questions.
Upgrade Now 🚀
Sign in to unlock AI tutor
You need to ensure all VMs in your Google Cloud organization can only use a specific, security-hardened OS image stored in a project managed by the security team, while minimizing operational overhead. What should you do? (Choose two.)
A
Grant users the compute.imageUser role in their own projects.
B
Grant users the compute.imageUser role in the OS image project.
C
Store the image in every project that is spun up in your organization.
D
Set up an image access organization policy constraint, and list the security team managed project in the project's allow list.
E
Remove VM instance creation permission from users of the projects, and only allow you and your team to create VM instances.
