You need to restrict the source images that can be used to create boot disks. These approved images are located in a dedicated project. What should you do?

Exam-Like

Use the Organization Policy Service to create a compute.trustedimageProjects constraint on the organization level. List the trusted project as the whitelist in an allow operation.

Use the Organization Policy Service to create a compute.trustedimageProjects constraint on the organization level. List the trusted projects as the exceptions in a deny operation.

In Resource Manager, edit the project permissions for the trusted project. Add the organization as member with the role: Compute Image User.

In Resource Manager, edit the organization permissions. Add the project ID as member with the role: Compute Image User.

Google Professional Cloud Security Engineer

Get started today

Comments

You need to restrict the source images that can be used to create boot disks. These approved images are located in a dedicated project. What should you do?