Google Associate Cloud Engineer
Get started today
Ultimate access to all questions.
Your organization has engaged a third-party company to conduct an audit on Google Cloud Platform (GCP) resources. The auditor, provided with a GSuite ID by your organization, requires read-only access to all project items to fulfill their duties. What is the most appropriate way to configure the auditor's permissions?
Your organization has engaged a third-party company to conduct an audit on Google Cloud Platform (GCP) resources. The auditor, provided with a GSuite ID by your organization, requires read-only access to all project items to fulfill their duties. What is the most appropriate way to configure the auditor's permissions?
Explanation:
The correct answer is C because the built-in project viewer role provides the auditor with read-only access to all project resources, which is exactly what they need to perform their audit without the risk of making any modifications. Options A and D are incorrect because the service viewer role does not provide project-wide view access, and creating custom roles is unnecessary when predefined roles meet the requirements. Option B is incorrect because it suggests creating a custom role with view-only project permissions, which is redundant since the built-in project viewer role already fulfills this need. For more information, refer to the GCP IAM documentation.