Home › GCP Associate Cloud Engineer › cloudcomputing › gcpsecurity › What does an IAM allow-policy on a Google Cloud …
What does an IAM allow-policy on a Google Cloud resource bind together?
AA storage bucket and a Persistent Disk
BA region and a billing account
CA principal (user, group, service account, or domain) and a role (set of permissions) at the resource's scope
DAn organisation policy and a Compute Engine instance template
Answer & Solution
Correct answer: C. A principal (user, group, service account, or domain) and a role (set of permissions) at the resource's scope
An IAM policy binding = (principal, role, scope). The other answers mix unrelated GCP concepts.
Related questions
Which IAM principle does Google Cloud recommend when granting a service account access to Which Google Cloud feature provides a centralised reverse proxy that verifies the user's iAn organisation wants to enforce that only signed and approved container images can be depWorkload Identity Federation lets external (non-Google) identities (e.g. AWS IAM, GitHub AAn auditor needs to determine which user deleted a Cloud Storage bucket in a project last Which approach gives a GKE workload SHORT-LIVED credentials to access Google APIs WITHOUT Which Google Cloud product stores secrets (API tokens, passwords, certificates) with versiWhich Google Cloud service centrally manages cryptographic keys (creation, rotation, destr