Google Cloud Associate Cloud Engineer — Question 75

Your company set up a complex organizational structure on Google Cloud. The structure includes hundreds of folders and projects. Only a few team members should be able to view the hierarchical structure. You need to assign minimum permissions to these team members, and you want to follow Google-recommended practices. What should you do?

Answer options

• A. Add the users to roles/browser role.
• B. Add the users to roles/iam.roleViewer role.
• C. Add the users to a group, and add this group to roles/browser.
• D. Add the users to a group, and add this group to roles/iam.roleViewer role.

Correct answer: C

Explanation

The correct answer is C because adding users to a group and then assigning the group the roles/browser role allows for efficient management of permissions while minimizing the access granted. Options A and B assign permissions directly to users, which is not the least privilege principle. Option D, while grouping users, assigns a role that may give more access than necessary.