You are the Security Admin in your company. You want to synchronize all security groups that have an email address from your LDAP directory in Cloud IAM.
I think option C is the best choice. Using a management tool to sync based on email address attribute and creating a group in the Google domain will automatically assign Google Cloud IAM roles.
I disagree, I believe the answer is B. We need to configure Google Cloud Directory Sync for bidirectional sync to ensure all security groups with email addresses are synchronized.
I think the answer is A. We should configure Google Cloud Directory Sync to sync security groups using LDAP search rules that have 'user email address' as the attribute for one-way sync.
upvoted 0 times
...
Log in to Pass4Success
Sign in:
Report Comment
Is the comment made by USERNAME spam or abusive?
Commenting
In order to participate in the comments you need to be logged-in.
You can sign-up or
login
Titus
2 days agoArthur
5 days agoDevora
13 days ago