Free Google Cloud Architect Actual Exam Questions - Question 7 Discussion
Question No. 7
A Cloud Architect is designing the IAM strategy for a multi-team project. Developers
need full access to deploy and manage resources in their own specific `dev-`
projects. However, they must be prevented from creating or modifying VPC
Network and Firewall Rules in the shared Host project. What is the most precise
way to enforce this separation of duties?
need full access to deploy and manage resources in their own specific `dev-`
projects. However, they must be prevented from creating or modifying VPC
Network and Firewall Rules in the shared Host project. What is the most precise
way to enforce this separation of duties?
Select one option, then reveal solution.
US
FU
Farhan U.
2026-02-17
D makes sense since giving Project Owner on dev-projects lets devs fully manage their own resources, while Compute Network User on the Host project restricts them from changing networks or firewalls. Seems more straightforward than relying on Org Policies.
0
MM
Mohammad M.
2026-01-29
Bigtable handles massive, real-time data streams way better than Stackdriver for GBs of KPIs. So A fits the low-latency, high-volume capture scenario best. Definitely not C or D for real-time stuff. A
0
MM
Mohammad M.
2026-01-28
Bigtable’s design for high-throughput real-time data makes A a solid choice here.
0
WA
Will A.
2026-01-18
B/C? Using Stackdriver for real-time monitoring (B) makes sense, but if it’s multiple GBs and low latency, BigQuery loads every 10 mins (C) might be too slow. Not sure if Datastore or Bigtable fit here.
0