You need to enforce a security policy in your Google Cloud organization that prevents users from making bucket objects publicly accessible. No buckets currently exist in the organization. Which solution should you proactively implement to achieve this goal with minimal operational overhead?

Exam-Like

Create an hourly cron job to run a Cloud Function that finds public buckets and makes them private.

Enable the constraints/storage.publicAccessPrevention constraint at the organization level.

Enable the constraints/storage.uniformBucketLevelAccess constraint at the organization level.

Create a VPC Service Controls perimeter that protects the storage.googleapis.com service in your projects that contains buckets. Add any new project that contains a bucket to the perimeter.

Google Professional Cloud Security Engineer

Get started today

Comments

You need to enforce a security policy in your Google Cloud organization that prevents users from making bucket objects publicly accessible. No buckets currently exist in the organization. Which solution should you proactively implement to achieve this goal with minimal operational overhead?