🔥 3-day streak
Professional Cloud Security Engineer75 / 152
Question 75 of 152
A financial services company uses Google Cloud across an organization node. During a security review, the team discovers that engineers have been sharing Cloud Storage buckets and IAM roles with Gmail accounts and external contractor domains. Leadership mandates that going forward, IAM policies may only grant access to identities belonging to the company's own Cloud Identity account and one approved partner's Cloud Identity account. Which approach enforces this requirement across all current and future projects with the least ongoing maintenance?
Reviewed for accuracy · Report an issueNext question