Answer-first summary for fast verification
Answer: Visit the Google Cloud console Identity and Access Management (IAM) section and verify the roles assigned to the service account at the project or inherited from the folder or organization levels.
Option C is correct because checking the Identity and Access Management (IAM) roles assigned to the service account at the project or inherited from the folder or organization levels is the recommended way to verify the service account's permissions in the specific project. Option A is incorrect because querying audit logs to find permission-denied errors could be part of the troubleshooting process, but it doesn't directly validate the roles assigned to the service account in the project. Option B is incorrect because checking organization policies is not directly related to validating the service account's roles and permissions in the specific project. Option D is incorrect because running a query to determine which resources the service account can access might help with troubleshooting, but it doesn't directly address the permission issues in the given project.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
You have a CI/CD server running in your development environment and need to implement the same for production. However, the production CI/CD server is failing to execute Google Cloud actions due to permission issues. What is the best way to ensure the service account has the correct roles in the production project?
A
Run a query of the audit logs to find 'permission denied' errors for this service account in Google Cloud Console.
B
Check the organization policies in Google Cloud Console.
C
Visit the Google Cloud console Identity and Access Management (IAM) section and verify the roles assigned to the service account at the project or inherited from the folder or organization levels.
D
Run a query to determine which resources this service account can access in Google Cloud Console.