ExpertGCP ACE · Question 44 · Domain 5.1: Managing Identity and Access Management (IAM)
You have a team of 10 developers who all need the 'roles/run.developer' role to deploy applications to Cloud Run. You want to manage their access efficiently so that when a developer leaves the team, their access can be easily revoked without modifying the project's IAM policy directly.
Which TWO steps should you take? (Select TWO)
You have a team of 10 developers who all need the 'roles/run.developer' role to deploy applications to Cloud Run. You want to manage their access efficiently so that when a developer leaves the team, their access can be easily revoked without modifying the project's IAM policy directly.
Which TWO steps should you take? (Select TWO)
Answer options:
Create a Google Group and add the 10 developers as members.
Grant the 'roles/run.developer' role to each developer individually.
Grant the 'roles/run.developer' role to the Google Group at the project level.
Create a Service Account for each developer and grant the role to the Service Accounts.
Assign the developers to a custom VPC network.
How to approach this question
Full Answer
Common mistakes
Practice the full GCP Associate Cloud Engineer Practice Exam 3
50 questions · hints · full answers · grading