Answer-first summary for fast verification
Answer: Organization Administrator
The question requires a role that enables comprehensive management of permissions and auditing across an entire Cloud Identity domain with hundreds of projects. Option A (Organization Administrator) is the correct choice because it provides full control over all resources, including the ability to manage IAM policies, assign roles, and audit resources at the organizational level. This aligns with the requirement to 'take over managing permissions and auditing.' Option B (Security Reviewer) lacks management capabilities, as it only allows viewing permissions without the ability to modify them. Option C (Organization Role Administrator) is limited to creating and managing custom roles but does not include permissions to assign these roles to users or manage existing IAM policies. Option D (Organization Policy Administrator) focuses on setting organizational constraints (e.g., resource location policies) rather than managing user permissions. The community discussion strongly supports A, with the top-voted comment (29 upvotes) emphasizing that A is the only role allowing permission management on projects, while others lack critical 'setIAM' permissions.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your team needs to take over management of a Cloud Identity domain containing hundreds of projects that was created by a business unit. Which role should your team be granted to manage permissions and audit resources across the entire domain?
A
Organization Administrator
B
Security Reviewer
C
Organization Role Administrator
D
Organization Policy Administrator
No comments yet.