Domain 3: Designing for Security and Compliance — GCP PCA Practice Question 45

How to approach this question

Recall the fundamental rules of IAM: Groups over users, Service Accounts for apps, Predefined roles over Basic roles, never commit secrets.

Full Answer

Google Cloud IAM best practices dictate that you should manage human access via Google Groups (e.g., `dev-team@company.com`) rather than assigning roles to individual users. This makes auditing and offboarding much easier. For non-human access (applications, VMs, CI/CD pipelines), you should always use Service Accounts rather than user credentials.

Common mistakes

Assigning roles to individuals (A). While it works, it becomes an administrative nightmare in an enterprise environment.

You are establishing the IAM policies for a new GCP Organization. Which TWO practices align with Google Cloud IAM best practices? (Select TWO)

How to approach this question

Full Answer

Common mistakes

Practice the full GCP Professional Cloud Architect Practice Exam 3

More questions from this exam