PCSE • Practice Test 17
Free PCSE practice test — 15 questions with explanations. Set 17. No signup required.
A security engineer is reviewing the IAM policy of a Cloud Storage bucket that contains sensitive data. The exhibit shows the current policy. A developer reports that they can read objects in the bucket using service account sa-2, but they cannot delete objects. What is the most likely reason?
Refer to the exhibit.
```
{
"bindings": [
{
"role": "roles/storage.objectViewer",
"members": [
"serviceAccount:sa-1@project.iam.gserviceaccount.com"
]
},
{
"role": "roles/storage.objectAdmin",
"members": [
"serviceAccount:sa-2@project.iam.gserviceaccount.com"
]
}
]
}
```