Google Cloud Professional Cloud Security Engineer — Question 20

A customer has 300 engineers. The company wants to grant different levels of access and efficiently manage IAM permissions between users in the development and production environment projects.
Which two steps should the company take to meet these requirements? (Choose two.)

Answer options

• A. Create a project with multiple VPC networks for each environment.
• B. Create a folder for each development and production environment.
• C. Create a Google Group for the Engineering team, and assign permissions at the folder level.
• D. Create an Organizational Policy constraint for each folder environment.
• E. Create projects for each environment, and grant IAM rights to each engineering user.

Correct answer: B, C

Explanation

Option B is correct because creating a folder for each environment helps organize resources and manage permissions efficiently. Option C is also correct as forming a Google Group allows for easier permission management at the folder level. The other options do not directly address the requirement to manage IAM permissions effectively between the two environments.