🔥 3-day streak
Professional Cloud Security Engineer102 / 152
Question 102 of 152

A financial services company is tightening its security posture across its Google Cloud organization. During an audit, the security team discovers that developers in multiple projects have been creating user-managed service account keys, which are rarely rotated and pose a credential-leak risk. Leadership mandates that no new service account keys can be created anywhere in the organization, while still allowing a single legacy project (used by an on-premises batch system) to continue creating keys until it is migrated. What is the most effective way to enforce this?

Reviewed for accuracy · Report an issueNext question