Synchronize Security Groups with LDAP in Cloud IAM
Question
You are the Security Admin in your company.
You want to synchronize all security groups that have an email address from your LDAP directory in Cloud IAM.
What should you do?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.C.
The best answer to this question would be option A.
Option A suggests that you should use Google Cloud Directory Sync to sync security groups from your LDAP directory in Cloud IAM. You can configure the sync rules in a way that only security groups with an email address attribute will be synced. This option facilitates a one-way sync from your LDAP directory to Cloud IAM.
Option B suggests the same thing as option A, except that it allows for bidirectional sync between your LDAP directory and Cloud IAM. However, bidirectional sync is not necessary for this particular use case.
Option C suggests using a management tool to sync a subset of security groups based on the email address attribute. While this option may work, it is not the most efficient way to accomplish the task at hand.
Option D suggests syncing based on the group object class attribute, which is not relevant to the requirement of syncing only security groups with an email address attribute.
In conclusion, option A is the best answer to this question as it provides a straightforward and efficient solution to syncing security groups with an email address attribute from your LDAP directory to Cloud IAM.
