
You have a Google Cloud organization with multiple teams in separate folders. Each team needs the ability to change the Organization Policies that apply to their own work. How do you grant these permissions following Google-recommended security practices and with minimal administrative overhead?
A. Create a custom IAM role with the organization policy administrator permission and grant the permission to each team’s folder. Limit policy modifications based on folder names within the custom role’s definition.
B. Assign the organization policy administrator role to a central service account and provide teams with the credentials to use the service account when needed.
C. Create an organization-level tag. Attach the tag to relevant folders. Use an IAM condition to restrict the organization policy administrator role to resources with that tag.
D. Grant each team the organization policy administrator role at the organization level.