Answer-first summary for fast verification
Answer: View the current role assignments by running the command `gcloud projects get iam policy`.
Option C is correct because running the command `gcloud projects get iam policy` provides a direct and comprehensive view of all current role assignments within a GCP project, including the project owner role. This method is efficient and straightforward for identifying role holders.\n\nOption A is incorrect because Identity-Aware Proxy (IAP) is not designed for managing GCP project roles; it's used for controlling access to web applications.\n\nOption B is incorrect because Audit Logs record historical actions rather than current role assignments.\n\nOption D is incorrect because SSH keys are unrelated to IAM roles and do not provide information about role assignments.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
As a new member of the security team at a large enterprise, your first assignment is to identify who holds the project owner role in a specific GCP project. What is the most effective method to accomplish this?
A
Navigate to Identity-Aware Proxy and check who has permission for these resources.
B
Enable Audit Logs on the IAM & admin page for all resources, and validate the results.
C
View the current role assignments by running the command gcloud projects get iam policy.
D
Go to the Google Cloud console and validate which SSH keys are stored as project-wide keys.