Answer-first summary for fast verification
Answer: Org viewer, project viewer
The correct answer is **B** because the security team only needs visibility into the projects, and the project viewer role provides this access while adhering to the principle of least privilege. - **Option A** is incorrect because while the project owner role provides access, it does not follow the best practice of least privilege. - **Option C** is incorrect because the org admin role exceeds the necessary permissions and violates the principle of least privilege. - **Option D** is incorrect because it lacks the organization viewer access required to view the organization's projects. For more details, refer to the GCP documentation on [Organization & Project access control](https://cloud.google.com/resource-manager/docs/access-control-org).
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your customer is transitioning their corporate applications to Google Cloud Platform. The security team requires comprehensive visibility across all projects within the organization. After setting up Google Cloud Resource Manager and assigning yourself as the organization admin, which Google Cloud Identity and Access Management (Cloud IAM) roles should you assign to the security team to meet their needs?
A
Org viewer, project owner
B
Org viewer, project viewer
C
Org admin, project browser
D
Project owner, network admin