Google Cloud Associate Cloud Engineer — Question 200

Your continuous integration and delivery (CI/CD) server can’t execute Google Cloud actions in a specific project because of permission issues. You need to validate whether the used service account has the appropriate roles in the specific project.

What should you do?

Answer options

• A. Open the Google Cloud console, and check the Identity and Access Management (IAM) roles assigned to the service account at the project or inherited from the folder or organization levels.
• B. Open the Google Cloud console, and check the organization policies.
• C. Open the Google Cloud console, and run a query to determine which resources this service account can access.
• D. Open the Google Cloud console, and run a query of the audit logs to find permission denied errors for this service account.

Correct answer: A

Explanation

The correct answer is A because checking the IAM roles is essential to determine if the service account has the necessary permissions for the project. Options B, C, and D do not directly address the roles assigned to the service account, which is crucial for resolving the permission issues.