Google Cloud Associate Cloud Engineer — Question 125

A colleague handed over a Google Cloud Platform project for you to maintain. As part of a security checkup, you want to review who has been granted the Project
Owner role. What should you do?

Answer options

• A. In the console, validate which SSH keys have been stored as project-wide keys.
• B. Navigate to Identity-Aware Proxy and check the permissions for these resources.
• C. Enable Audit Logs on the IAM & admin page for all resources, and validate the results.
• D. Use the command gcloud projects getג€"iamג€"policy to view the current role assignments.

Correct answer: D

Explanation

The correct answer is D because using the command gcloud projects get-iam-policy directly retrieves the IAM policy, showing who has the Project Owner role. Options A, B, and C do not specifically address the need to check role assignments and instead focus on unrelated resources or settings.