Exam: Cloud Digital Leader 0 Likes
Your company security team manages access control to production system (Digital Leader)
Your company security team manages access control to production systems using an LDAP directory group.
How is this access control managed in the Google Cloud production project?
A) Assign the proper role to the Service Account in the project's IAM Policy
B) Grant each user the roles/iam.serviceAccountUser role on a service account that exists in the Google Group.
C) Assign the proper role to the Google Group in the project's IAM Policy.
D) Create the project in a folder with the same name as the LDAP directory group.
Solution
Correct answer: C) Assign the proper role to the Google Group in the project's IAM Policy.
In Google Cloud Platform (GCP), IAM (Identity and Access Management) is used to manage access control to GCP resources. To manage access control using an LDAP directory group, you would typically map the LDAP group to a Google Group, and then assign roles to that Google Group in the project's IAM policy. This allows you to centrally manage access permissions for users within your LDAP directory group.
Option C is the correct choice because it directly addresses the scenario of managing access control using a Google Group, which can be synchronized with an LDAP directory group. By assigning the proper role to the Google Group in the project's IAM policy, you can control access to the production systems in the Google Cloud production project based on membership in the LDAP directory group.
Category: Google Cloud security and operations