Which IAM roles should you grant your colleagues?

Associate Cloud Engineer V3 0 Comments

You are the project owner of a GCP project and want to delegate control to colleagues to manage buckets and files in Cloud Storage. You want to follow Google-recommended practices.

Which IAM roles should you grant your colleagues?
A . Project Editor
B . Storage Admin
C . Storage Object Admin
D . Storage Object Creator

Answer: B

Explanation:

Storage Admin (roles/storage.admin) Grants full control of buckets and objects.

When applied to an individual bucket, control applies only to the specified bucket and objects within the bucket.

firebase.projects.get

resourcemanager.projects.get

resourcemanager.projects.list

storage.buckets.*

storage.objects.*

https://cloud.google.com/storage/docs/access-control/iam-roles

This role grants full control of buckets and objects. When applied to an individual bucket, control applies only to the specified bucket and objects within the bucket.

Ref: https://cloud.google.com/iam/docs/understanding-roles#storage-roles

Latest Associate Cloud Engineer Dumps Valid Version with 181 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download Associate Cloud Engineer PDF     Associate Cloud Engineer Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments