A colleague handed over a Google Cloud project for you to maintain. As part of a security checkup, you want to review who has been granted the Project Owner role. What should you do?
A.
In the Google Cloud console, validate which SSH keys have been stored as project-wide keys.
B.
Navigate to Identity-Aware Proxy and check the permissions for these resources.
C.
Enable Audit logs on the IAM & admin page for all resources, and validate the results.
D.
Use the gcloud projects get-iam-policy command to view the current role assignments.
The gcloud projects get-iam-policy command displays the IAM policy for a project, which includes the roles and members assigned to those roles. The Project Owner role grants full access to all resources and actions in the project. By using this command, you can review who has been granted this role and make any necessary changes. References:
3: Understanding roles | Cloud IAM Documentation | Google Cloud
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit