hiexam
google · Associate-Cloud-Engineer · Q428 · multiple_choice · topic_1

Your organization needs to grant users access to query datasets in BigQuery but prevent them from accidentally deleting…

Your organization needs to grant users access to query datasets in BigQuery but prevent them from accidentally deleting the datasets. You want a solution that follows Google-recommended practices. What should you do?
  • A.Add users to roles/bigquery user role only, instead of roles/bigquery dataOwner.
  • B.Add users to roles/bigquery dataEditor role only, instead of roles/bigquery dataOwner.
  • C.Create a custom role by removing delete permissions, and add users to that role only.
  • D.Create a custom role by removing delete permissions. Add users to the group, and then add the group to the custom role.
Explanation
I believe the key part is the "following Google Best Practices" phrase. A - Works, but doesn't follow GCP best practices B - Doesn't work as the role grants permission to delete datasets C - Works, but is more complicated than A and doesn't follow Google best practices D - Correct, more complicated than A, but it follows Google Best Practices.

Reference: examtopics_top_comment

Practice with progress tracking

Sign in to track wrong answers, get spaced-repetition reminders, and run timed exam mode.

Start tracked practicePricing