Your organization is creating an internal tool that lists every Identity and Access Management (IAM) policy binding configured in a Google Cloud project so that it can be rebuilt in another environment. To capture the minimum information required to reproduce each binding, which combination of elements must the tool record for every binding it discovers?
The resource, the IAM role, and the audit log sink associated with the project.
The IAM role, the principal, and any condition attached to the binding.
The principal, the resource, and the service perimeter that protects the resource.
The resource, the IAM role, and the principal (member) that receives the role.
An IAM policy is always attached to a specific Google Cloud resource such as a project, folder, or organization. Inside the policy, each binding pairs one role with one or more members (principals). Therefore, to recreate a binding you must know: 1) the resource that the policy is attached to, 2) the role being granted, and 3) the member (principal) receiving that role. Other items sometimes found in policies-such as conditions, audit log sinks, or service perimeters-are optional features that may be absent from many bindings, so they are not required in every case. Capturing the resource, role, and principal ensures the binding can always be reconstructed.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an IAM policy binding in Google Cloud?
Open an interactive chat with Bash
What are optional features of IAM policies, such as conditions or audit log sinks?
Open an interactive chat with Bash
How is an IAM role different from a principal in Google Cloud?
Open an interactive chat with Bash
What is an IAM policy in Google Cloud?
Open an interactive chat with Bash
What are IAM roles in Google Cloud and why are they important?
Open an interactive chat with Bash
What is the principal or member in an IAM policy?
Open an interactive chat with Bash
GCP Associate Cloud Engineer
Setting up a cloud solution environment
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .