Role Based Access Flashcards
1
Q
Role Based Access (10)
A
Since there’s meta data in those identity certificates, you’re able to use this to provide rules such as developers should never have access to production data or contractor should only have access to xyz GCP project, whereas if you’re using static credentials, it’s pretty binary, you either have access, or you don’t.
So now that you have role-based access, how do you give your security or audit team visibility and control into what’s happening over those connections?
