Answer-first summary for fast verification
Answer: 1. Add the users to a group. 2. Assign this group to the roles/browser role.
Option A is not the best practice because it involves assigning roles directly to users instead of using groups, and the roles/browser role only allows viewing and browsing resources without access to the full hierarchical structure. Option B is incorrect as the roles/iam.roleViewer role permits viewing IAM policies, not the project hierarchy. Option C is correct because it follows Google's recommended practice of using groups for permission management, and the roles/browser role grants the necessary access to browse the hierarchy, including folders, organization, and IAM policy, without viewing project resources. Option D is incorrect for the same reason as B, as it does not provide access to the hierarchical structure. For more details, refer to [Google Cloud IAM documentation](https://cloud.google.com/iam/docs/understanding-roles).
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your company extensively uses Google Cloud Platform for all its government-related projects, which are organized in a complex hierarchical structure with hundreds of folders and projects. Only the Cloud Governance team is permitted to view the entire hierarchical structure. According to Google-recommended practices, what is the minimum permission required for the Governance team to perform their duties effectively?
A
Assign the users directly to the roles/browser role.
B
Assign the users directly to the roles/iam.roleViewer role.
C
D
No comments yet.