Agree with C.
"https://cloud.google.com/identity/solutions/automate-user-provisioning#cloud_identity_automated_provisioning"
"Cloud Identity has a catalog of automated provisioning connectors, which act as a bridge between Cloud Identity and third-party cloud apps."
I don't think C is right answer. You configure Directory Sync to Sync from AD to cloud identity not the other way round.
Once a user is terminated- its account should be disabled on Directory and cloud identity will pick up via IAM. D looks more correct to me.
I also support D. The question may be provision and deprovision users. but technically it is to remove their IAM permissions in Cloud Identity. There is nothing like provision / deprovision user from cloud identity.
C is correct, because You cannot control IAM from Cloud Identity. Cloud identity only manages users and groups. It cannot remove IAM permissions through Cloud Identity.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
[Removed]
Highly Voted 4 years agoMohitA
Highly Voted 4 years, 2 months agoownez
4 years, 1 month agoAzureDP900
2 years agoAzureDP900
2 years agomynk29
2 years, 8 months agopradoUA
Most Recent 1 year, 1 month agoAzureDP900
2 years agoAwesomeGCP
2 years agopiyush_1982
2 years, 3 months agomynk29
2 years, 8 months agoAkbarM
2 years, 1 month agorohan0411
10 months, 1 week agoDebasishLowes
3 years, 7 months ago