Google Cloud Platform: Advice for Setting Up Cloud Identity and SAML 2.0 IdP

How to Proceed with Least Disruption: GCP Analytics and Company-Owned Data

Question

A customer's data science group wants to use Google Cloud Platform (GCP) for their analytics workloads.

Company policy dictates that all data must be company-owned and all user authentications must go through their own Security Assertion Markup Language (SAML) 2.0 Identity Provider (IdP).

The Infrastructure Operations Systems Engineer was trying to set up Cloud Identity for the customer and realized that their domain was already being used by G Suite.

How should you best advise the Systems Engineer to proceed with the least disruption?

Answers

Explanations


A. B. C. D.

C.

The scenario described in the question is that a customer's data science group wants to use Google Cloud Platform (GCP) for their analytics workloads, but the company policy requires all data to be company-owned and all user authentications to go through their own Security Assertion Markup Language (SAML) 2.0 Identity Provider (IdP).

The Infrastructure Operations Systems Engineer was trying to set up Cloud Identity for the customer, but found that their domain was already being used by G Suite. The question asks how to proceed with the least disruption.

Option A suggests contacting Google Support and initiating the Domain Contestation Process to use the domain name in the new Cloud Identity domain. This option involves a process of disputing ownership of the domain name with the current owner, which can be a lengthy and complex process. Additionally, it may cause disruption to the existing G Suite services that are using the domain name.

Option B suggests registering a new domain name and using it for the new Cloud Identity domain. This option would allow the data science group to use GCP without affecting the existing G Suite services that are using the domain name. However, this option may require significant changes to the data science group's existing workflows and processes to update their accounts and systems to use the new domain.

Option C suggests asking Google to provision the data science manager's account as a Super Administrator in the existing domain. This option would allow the data science group to use GCP while still using the existing domain name for authentication. However, this option may not meet the company policy requirement that all user authentications must go through their own SAML 2.0 Identity Provider (IdP) and may also require additional security considerations for granting Super Administrator privileges.

Option D suggests asking the customer's management to discover any other uses of Google-managed services and work with the existing Super Administrator. This option involves a more thorough assessment of the customer's existing Google services and the involvement of customer management to ensure that the company policy is met. This option may take more time to implement, but it can help ensure that all stakeholders are involved and can help mitigate any potential disruptions.

Overall, the best option to proceed with the least disruption depends on the specific requirements and constraints of the customer's situation. However, option D is likely to be the most comprehensive and effective approach for meeting the company policy requirement and ensuring a smooth transition to using GCP for analytics workloads.