Domain 5.1: Managing Identity and Access Management — GCP ACE Practice Question 44

How to approach this question

Understand the limitations and maintenance overhead of custom IAM roles.

Full Answer

Custom roles can only be created at the project or organization level, not the folder level. You must manually maintain custom roles if Google adds new permissions to services.

Custom IAM roles allow you to combine specific permissions. However, they come with maintenance overhead: Google does not update them when new features/permissions are released. Also, custom roles can only be created at the Organization or Project level; they cannot be created at the Folder level.

Common mistakes

Assuming Google automatically updates custom roles like they do predefined roles.

You are creating a custom IAM role because predefined roles provide too much access. Which TWO statements are true regarding custom IAM roles? (Select TWO)

How to approach this question

Full Answer

Common mistakes

Practice the full GCP Associate Cloud Engineer Practice Exam 1

More questions from this exam