A colleague handed over a Google Cloud Platform project for you to maintain. As part of a security checkup, you want to review who has been granted the Project Owner role. What should you do?
A. In the console, validate which SSH keys have been stored as project-wide keys.
B. Navigate to Identity-Aware Proxy and check the permissions for these resources.
C. Enable Audit Logs on the IAM & admin page for all resources, and validate the results.
D. Use the command `gcloud projects get-iam-policy` to view the current role assignments.
A simple approach is to use the command flags available when listing the IAM policy for a given project. For instance, the following command: `gcloud projects get-iam-policy $PROJECT_ID --flatten="bindings[].members" --format="table(bindings.members)" --filter="bindings.role:roles/owner"` outputs all the users and service accounts associated with the role ‘roles/owner’ in the project in question. https://groups.google.com/g/google-cloud-dev/c/Z6sZs7TvygQ?pli=1
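As an added example (not part of the original question or its explanation), the same review can be run over the JSON form of the policy, as printed by `gcloud projects get-iam-policy $PROJECT_ID --format=json`. The policy document below is constructed sample data and the function names are hypothetical; the script groups Owner members by type so that groups and deleted principals stand out during the checkup.

```python
import json

# Constructed sample of the JSON printed by:
#   gcloud projects get-iam-policy $PROJECT_ID --format=json
SAMPLE_POLICY = """
{
  "bindings": [
    {"role": "roles/owner",
     "members": ["user:alice@example.com",
                 "group:platform-admins@example.com",
                 "serviceAccount:deployer@example-project.iam.gserviceaccount.com",
                 "deleted:user:bob@example.com?uid=123456789012345678901"]},
    {"role": "roles/editor", "members": ["user:carol@example.com"]},
    {"role": "projects/example-project/roles/ownerLite",
     "members": ["user:dave@example.com"]}
  ],
  "version": 1
}
"""

def owners_by_type(policy_json, role="roles/owner"):
    """Return {member_type: sorted identities} for bindings whose role equals `role`."""
    grouped = {}
    for binding in json.loads(policy_json).get("bindings", []):
        if binding.get("role") != role:  # exact match, so custom roles are skipped
            continue
        for member in binding.get("members", []):
            deleted = member.startswith("deleted:")
            if deleted:  # principal no longer exists but is still bound
                member = member[len("deleted:"):].split("?uid=")[0]
            kind, _, identity = member.partition(":")
            key = "deleted-" + kind if deleted else kind
            grouped.setdefault(key, set()).add(identity)
    return {kind: sorted(ids) for kind, ids in grouped.items()}

def review_notes(grouped):
    """Return follow-up items an Owner review should not skip."""
    notes = []
    for group in grouped.get("group", []):
        notes.append(f"check membership of {group}: every member is an Owner")
    for kind, ids in grouped.items():
        if kind.startswith("deleted-"):
            notes.extend(f"remove stale binding for {i}" for i in ids)
    return notes

if __name__ == "__main__":
    owners = owners_by_type(SAMPLE_POLICY)
    for kind, ids in sorted(owners.items()):
        print(f"{kind}: {', '.join(ids)}")
    for note in review_notes(owners):
        print("NOTE:", note)
```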