PROFESSIONAL-CLOUD-DEVOPS-ENGINEER · Question #202
PROFESSIONAL-CLOUD-DEVOPS-ENGINEER Question #202: Real Exam Question with Answer & Explanation
The correct answer is D: Grant the development team the roles/clouddeploy.developer role in a policy file. Apply this policy. This approach follows Google-recommended IAM best practices by granting least privilege access to only the required development delivery pipeline. The role allows the development team to view and execute roles/clouddeploy.developer deployments without excessive permissions. Apply
Question
Your company uses Cloud Deploy with multiple delivery pipelines for deploying applications to different environments. Your development team currently lacks access to any of these pipelines. You need to grant the team access to only the development delivery pipeline, while following Google-recommended practices. What should you do?
Options
- AIn the Google Cloud console, grant the development team the roles/clouddeploy.operator role. Add
- BIn the Google Cloud console, create a custom IAM role with all clouddeploy.automations.*
- CGrant the development team the roles/clouddeploy.operator role in a policy file. Apply the policy
- DGrant the development team the roles/clouddeploy.developer role in a policy file. Apply this policy
Explanation
This approach follows Google-recommended IAM best practices by granting least privilege access to only the required development delivery pipeline. The role allows the development team to view and execute roles/clouddeploy.developer deployments without excessive permissions. Applying the policy file specifically to the development pipeline ensures that access is limited to the intended environment while maintaining security and compliance.
Topics
Community Discussion
No community discussion yet for this question.