Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months. You want to streamline and expedite the analysis and audit process. What should you do?
Choose an answer
Tap an option to check your answer.
Correct answer: Enable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor.
Why this is the answer
Exporting Cloud Audit Logs to BigQuery provides a structured, queryable dataset of all IAM policy changes. This allows for efficient analysis using SQL queries, which is ideal for auditors. BigQuery's access control lists (ACLs) and views enable you to precisely scope the data shared with auditors, ensuring they only see relevant information without granting broad access. Custom Stackdriver alerts are for real-time notifications, not historical analysis. Cloud Functions to Cloud SQL adds unnecessary complexity and cost compared to BigQuery's native logging integration. Exporting to Cloud Storage would require auditors to download and process large log files, which is less efficient than querying directly in BigQuery.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed