IAM deny policies in GCP - Interactive Code Practice

Practice - 5 Tasks
Answer the questions below
1. Fill in the blank (easy)

Complete the code to specify the effect of the deny policy.

GCP
{
  "denyRule": {
    "deniedPermissions": ["storage.buckets.delete"],
    "denialCondition": {
      "expression": "request.time < timestamp('2025-01-01T00:00:00Z')"
    },
    "[1]": "DENY"
  }
}
A. action
B. effect
C. permission
D. role
Common Mistakes
Using 'action' instead of 'effect' causes the policy to be invalid.
Confusing 'role' with the effect key.
2. Fill in the blank (medium)

Complete the code to specify the permissions to deny in the deny rule.

GCP
{
  "denyRule": {
    "[1]": ["compute.instances.delete", "compute.instances.stop"]
  }
}
A. allowedPermissions
B. permissions
C. deniedPermissions
D. blockedActions
Common Mistakes
Using 'allowedPermissions' which is for allow policies.
Using 'permissions' which is too generic and invalid here.
3. Fill in the blank (hard)

Fix the error in the condition expression to correctly deny before 2024-12-31.

GCP
{
  "denyRule": {
    "deniedPermissions": ["storage.objects.delete"],
    "denialCondition": {
      "expression": "request.time [1] timestamp('2024-12-31T23:59:59Z')"
    }
  }
}
A. <
B. !=
C. ==
D. >
Common Mistakes
Using '>' which denies after the date instead of before.
Using '==' which only denies at the exact time.
4. Fill in the blank (hard)

Fill both blanks to create a deny policy that blocks deleting buckets and objects.

GCP
{
  "denyRule": {
    "[1]": ["storage.buckets.delete"],
    "[2]": ["storage.objects.delete"]
  }
}
A. deniedPermissions
B. allowedPermissions
D. permissions
Common Mistakes
Using 'allowedPermissions' which is incorrect for deny rules.
Using 'permissions' which is not a valid key here.
5. Fill in the blank (hard)

Fill all three blanks to create a deny policy with a condition that denies stopping and deleting compute instances before 2025.

GCP
{
  "denyRule": {
    "[1]": ["compute.instances.stop"],
    "[2]": ["compute.instances.delete"],
    "denialCondition": {
      "expression": "request.time [3] timestamp('2025-01-01T00:00:00Z')"
    }
  }
}
A. deniedPermissions
B. allowedPermissions
C. <
D. >
Common Mistakes
Using 'allowedPermissions' which is invalid for deny rules.
Using '>' operator which denies after the date.