Answer-first summary for fast verification
Answer: Org viewer, project viewer
Option B is the correct answer because it aligns with the principle of least privilege, granting just enough permissions for the security team to perform their tasks without being able to make changes. The 'Org viewer' role provides the security team with the ability to view the organization’s display name and the 'Project viewer' role allows them to see resources within the projects. Options A and D are incorrect because the 'Project owner' role is too broad and unnecessary for viewing purposes. Option C is incorrect as 'Org admin' grants excessive permissions that are not needed for the security team's visibility requirement.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A customer is in the process of migrating their corporate applications to Google Cloud Platform (GCP). The security team requires detailed visibility of all projects across the organization to ensure security compliance and monitoring. As part of the initial setup, you provision the Google Cloud Resource Manager and designate yourself as the organizational admin. To give appropriate access without granting excessive permissions, which Google Cloud Identity and Access Management (Cloud IAM) roles should you assign to the security team?
A
Org viewer, project owner
B
Org viewer, project viewer
C
Org admin, project browser
D
Project owner, network admin
No comments yet.