Google Exam Associate-Cloud-Engineer Topic 5 Question 94 Discussion

Actual exam question for Google's Google Associate Cloud Engineer exam

Question #: 94
Topic #: 5

[All Google Associate Cloud Engineer Questions]

During a recent audit of your existing Google Cloud resources, you discovered several users with email addresses outside of your Google Workspace domain.

You want to ensure that your resources are only shared with users whose email addresses match your domain. You need to remove any mismatched users, and you want to avoid having to audit your resources to identify mismatched users. What should you do?

ACreate a Cloud Scheduler task to regularly scan your projects and delete mismatched users.

BCreate a Cloud Scheduler task to regularly scan your resources and delete mismatched users.

CSet an organizational policy constraint to limit identities by domain to automatically remove mismatched users.

DSet an organizational policy constraint to limit identities by domain, and then retroactively remove the existing mismatched users.

Show Suggested Answer

Suggested Answer: D

https://cloud.google.com/resource-manager/docs/organization-policy/org-policy-constraints This list constraint defines the set of domains that email addresses added to Essential Contacts can have. By default, email addresses with any domain can be added to Essential Contacts. The allowed/denied list must specify one or more domains of the form @example.com. If this constraint is active and configured with allowed values, only email addresses with a suffix matching one of the entries from the list of allowed domains can be added in Essential Contacts. This constraint has no effect on updating or removing existing contacts. constraints/essentialcontacts.allowedContactDomains

by Sheridan at Sep 16, 2024, 11:58 PM

Limited Time Offer

25%

26 days ago

I think option C sounds like the best solution. It would automatically remove mismatched users based on domain.

upvoted 0 times

...