Answer-first summary for fast verification
Answer: Create a retention policy on the bucket for the duration of 5 years. Create a lock on the retention policy.
The requirement is to ensure documents cannot be deleted or overwritten for 5 years. Option A is correct because creating a retention policy with a 5-year duration and locking it prevents any deletion or modification of objects until the retention period expires. This is specifically designed for regulatory compliance and data immutability scenarios. Option B and D focus on access control (Object Writer role allows uploads but doesn't prevent deletion/overwrite) and are irrelevant to the immutability requirement. Option C addresses encryption key rotation but doesn't prevent deletion or overwriting of objects. The community discussion strongly supports A with 100% consensus and high upvotes, citing Google's bucket lock documentation for retention policies.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
You need to ensure that mortgage loan approval documents stored in a Cloud Storage bucket cannot be deleted or overwritten for the next 5 years. How do you configure the bucket?
A
Create a retention policy on the bucket for the duration of 5 years. Create a lock on the retention policy.
B
Create the bucket with uniform bucket-level access, and grant a service account the role of Object Writer. Use the service account to upload new files.
C
Use a customer-managed key for the encryption of the bucket. Rotate the key after 5 years.
D
Create the bucket with fine-grained access control, and grant a service account the role of Object Writer. Use the service account to upload new files.