🔥 3-day streak
Professional Security Operations Engineer42 / 241
Question 42 of 241

A security engineer is integrating a third-party CSPM vendor into Security Command Center so that the vendor's findings appear alongside native SCC findings in the central dashboard. The vendor uses a dedicated service account to push findings via the SCC API. Following least-privilege principles, which IAM role should be granted to the vendor's service account so it can create and update its own findings without gaining broad visibility into all organizational findings or the ability to modify Google-native findings?

Reviewed for accuracy · Report an issueNext question