Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
exam questions

Exam Associate Cloud Engineer All Questions

View all questions & answers for the Associate Cloud Engineer exam

Exam Associate Cloud Engineer topic 1 question 261 discussion

Actual exam question from Google's Associate Cloud Engineer
Question #: 261
Topic #: 1
[All Associate Cloud Engineer Questions]

You are in charge of provisioning access for all Google Cloud users in your organization. Your company recently acquired a startup company that has their own Google Cloud organization. You need to ensure that your Site Reliability Engineers (SREs) have the same project permissions in the startup company's organization as in your own organization. What should you do?

  • A. In the Google Cloud console for your organization, select Create role from selection, and choose destination as the startup company's organization.
  • B. In the Google Cloud console for the startup company, select Create role from selection and choose source as the startup company's Google Cloud organization.
  • C. Use the gcloud iam roles copy command, and provide the Organization ID of the startup company's Google Cloud Organization as the destination.
  • D. Use the gcloud iam roles copy command, and provide the project IDs of all projects in the startup company's organization as the destination.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
yomi95
3 weeks, 4 days ago
I'm confused between C and D, both use "gcloud iam roles copy" which is required for this scenario, but most voted answer is C while I'm unsure why giving project level permission is incorrect. According to lease privilege SRE should be okay to get permission project by project which is a hassle than C but it is not incorrect and can be done. Anyone pls correct me or give a link to an official document.
upvoted 1 times
yomi95
3 weeks, 4 days ago
According to Gemini (Couldn't find official source) below is correct which means D is also possible answer. in the question is does not say fewest steps or best practice method. gcloud iam roles copy --source-organization=organizations/123456789 --destination-projects=projects/project1,projects/project2,projects/project3 --role-ids=roles/compute.admin,roles/storage.objectViewer
upvoted 2 times
denno22
3 weeks, 3 days ago
We could have a large number of projects, so copying by project may not be practical. Therefore copying by organisation is fewest steps. Also just copying to all projects gives the same result as copying by organisation, but involves more steps.
upvoted 1 times
...
...
...
Cristianssenn
5 months, 2 weeks ago
The keys in question are SRE and project permissions. Choosing C will copy all your organization IAM permissions and not the only ones defined for SRE at project level. So, the correct answer is D.
upvoted 1 times
iooj
1 month, 3 weeks ago
--dest-project=DEST_PROJECT - the project of the destination role. We cannot specify all projects. So, I think that's the trick here.
upvoted 1 times
...
...
Matheus_1346
6 months ago
Selected Answer: C
The correct one is C
upvoted 1 times
...
PiperMe
8 months ago
Selected Answer: C
C. The gcloud iam roles copy command is designed specifically for copying IAM roles between different resources, including organizations.
upvoted 3 times
...
KelvinToo
10 months, 1 week ago
Selected Answer: C
Per ChatGPT, Option C is the correct choice for achieving consistency in project permissions across both organizations by leveraging the gcloud iam roles copy command and providing the Organization ID of the startup company's Google Cloud Organization as the destination.
upvoted 2 times
...
shiowbah
10 months, 1 week ago
C. Use the gcloud iam roles copy command, and provide the Organization ID of the startup company's Google Cloud Organization as the destination.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...