Answer-first summary for fast verification
Answer: Add the user to roles/iam.serviceAccountAdmin role.
The correct answer is D: Add the user to roles/iam.serviceAccountAdmin role. This role includes permissions to create, update, and delete service accounts, as well as to view or change the IAM policy on a service account. The other roles do not provide the necessary permissions to create service accounts, which is a requirement outlined in the question.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your organization employs an individual specifically for the creation and management of service accounts within various Google Cloud projects. To ensure this person has the necessary permissions while maintaining the principle of least privilege, which is assigning only the minimum required access, what role should you allocate to this individual for efficient project management?
A
Add the user to roles/iam.roleAdmin role.
B
Add the user to roles/iam.securityAdmin role.
C
Add the user to roles/iam.serviceAccountUser role.
D
Add the user to roles/iam.serviceAccountAdmin role.