Answer-first summary for fast verification
Answer: Select the built-in IAM project Viewer role. Add the user's account to this role.
The correct answer is C. Selecting the built-in IAM project Viewer role provides read-only access to all resources within a Google Cloud Platform project. This role allows the auditor to view project items, including resources and configurations, without granting permissions to modify them. The IAM project Viewer role is specifically designed for users who need read-only access, aligning with the requirement of allowing the auditor to read, but not modify, all project items. This follows the principle of least privilege, ensuring that the auditor has the necessary permissions to perform their tasks without granting unnecessary privileges.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
As a Google Cloud Platform project owner, you need to include a new team member as an auditor. The auditor's role is specifically to review and read all project elements without having any capability to alter them. How can you set up the auditor’s permissions to ensure they have read-only access to the entire project?
A
Create a custom role with view-only project permissions. Add the user's account to the custom role.
B
Create a custom role with view-only service permissions. Add the user's account to the custom role.
C
Select the built-in IAM project Viewer role. Add the user's account to this role.
D
Select the built-in IAM service Viewer role. Add the user's account to this role.