Crucial Exams

GCP Professional Cloud Architect Practice Question

Your organization BigRetail has a Cloud Identity domain called bigretail.com. You must update IAM so that: every current and future employee automatically receives the Billing Account Viewer role on the company's central billing account without any manual user or group maintenance, and Cloud Build pipelines can deploy containers to multiple GKE projects without distributing long-lived user credentials. Which combination of principal types best satisfies these two requirements?

  • Create an All-Employees Google Group for Billing Account Viewer; create a dedicated Google Account for the pipeline to deploy clusters.

  • Grant Billing Account Viewer to the bigretail.com domain; grant the Cloud Build default service account the necessary GKE deployment roles.

  • Individually assign each employee's Google Account the Billing Account Viewer role; add the pipeline to a Google Group that has the deployment roles.

  • Create an organization-wide service account for Billing Account Viewer; grant the bigretail.com domain the deployment roles needed by Cloud Build.

GCP Professional Cloud Architect
Designing for security and compliance
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot