Granting G Suite Users Access to Your Cloud Platform Project

Granting Access to G Suite Users

Prev Question Next Question

Question

Your organization uses G Suite for communication and collaboration.

All users in your organization have a G Suite account.

You want to grant some G Suite users access to your Cloud Platform project.

What should you do?

Answers

A. Enable Cloud Identity in the GCP Console for your domain.

B. Grant them the required IAM roles using their G Suite email address.

C. Create a CSV sheet with all users` email addresses. Use the gcloud command line tool to convert them into Google Cloud Platform accounts.

D. In the G Suite console, add the users to a special group called cloud-console-users@yourdomain.com. Rely on the default behavior of the Cloud Platform to grant users access if they are members of this group.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

https://cloud.google.com/resource-manager/docs/creating-managing-organization

The correct answer is B. Grant them the required IAM roles using their G Suite email address.

Explanation:

IAM (Identity and Access Management) is a service offered by Google Cloud Platform that enables you to manage access control to resources and services within your project. IAM allows you to assign roles to users, groups, and service accounts, which determine the permissions they have within your project.

To grant access to G Suite users, you can assign the necessary IAM roles to their G Suite email addresses. This approach eliminates the need for users to create separate Google Cloud Platform accounts, and you can manage access control from a single console.

To assign IAM roles to G Suite users, follow these steps:

Navigate to the IAM & Admin section of your Google Cloud Platform Console.
Click on "IAM" to view the IAM dashboard.
Click on the "Add" button to add a new member.
In the "New members" field, enter the email address of the G Suite user you want to grant access to.
Select the IAM role you want to assign to the user from the "Role" drop-down list.
Click "Save" to grant the user access to your project with the assigned role.

Repeat these steps for each user you want to grant access to.

Option A (Enable Cloud Identity in the GCP Console for your domain) is incorrect because Cloud Identity is used to manage users and access to Google Cloud Platform, but it is not necessary to use Cloud Identity to grant G Suite users access to a Cloud Platform project.

Option C (Create a CSV sheet with all users' email addresses. Use the gcloud command line tool to convert them into Google Cloud Platform accounts) is also incorrect because it suggests creating Google Cloud Platform accounts for users, which is not necessary when using G Suite email addresses.

Option D (In the G Suite console, add the users to a special group called cloud-console-users@yourdomain.com. Rely on the default behavior of the Cloud Platform to grant users access if they are members of this group) is incorrect because there is no default behavior in Google Cloud Platform that grants access to users if they are members of a specific G Suite group. Instead, IAM roles must be assigned to G Suite email addresses individually.

Prev Question Next Question