Exam Professional Cloud Security Engineer topic 1 question 89 discussion

it's D, https://cloud.google.com/storage/docs/uniform-bucket-level-access#:~:text=When%20you%20enable%20uniform%20bucket,and%20the%20objects%20it%20contains.

To manage access to your Cloud Storage bucket without having to manage access to each object individually, you should set up Uniform bucket-level access on the Cloud Storage bucket and manage access for users using IAM . Uniform bucket-level access allows you to use Identity and Access Management (IAM) alone to manage permissions for all objects contained inside the bucket or groups of objects with common name prefixes . This approach simplifies access management and ensures that all objects in the bucket have the same level of access . By using IAM, you can grant users specific permissions to access your Cloud Storage bucket, such as read, write, or delete permissions . You can also use Cloud Audit Logs to monitor and manage access to your bucket . This approach provides a secure environment for your Cloud Storage bucket while ensuring that only authorized users can access it .

Answer is D https://cloud.google.com/storage/docs/uniform-bucket-level-access#overview

Explanation: When you want to avoid managing access to individual objects in a Google Cloud Storage bucket, Uniform bucket-level access simplifies access control by enforcing consistent permissions at the bucket level. It disables per-object ACLs and enables centralized access management using IAM roles and permissions.

ans is D

Ans: D. https://cloud.google.com/storage/docs/uniform-bucket-level-access

D is right

D. Set up Uniform bucket-level access on the Cloud Storage bucket and manage access for users using IAM.

https://cloud.google.com/storage/docs/uniform-bucket-level-access#enabled

Answer is A. Read the note below in the below URL https://cloud.google.com/storage/docs/access-control/lists Note: You cannot grant discrete permissions for reading or writing ACLs or other metadata. To allow someone to read and write ACLs, you must grant them OWNER permission.

I will go with uniform level access and manage access via IAM, Hence D.

SHOULD BE D

Answer C https://cloud.google.com/storage/docs/access-control Uniform (recommended): Uniform bucket-level access allows you to use Identity and Access Management (IAM) alone to manage permissions. IAM applies permissions to all the objects contained inside the bucket or groups of objects with common name prefixes. IAM also allows you to use features that are not available when working with ACLs, such as IAM Conditions and Cloud Audit Logs.