Google Cloud Platform Project Security: Reviewing Project Owner Roles

Reviewing Project Owner Roles

Question

A colleague handed over a Google Cloud Platform project for you to maintain.

As part of a security checkup, you want to review who has been granted the Project Owner role.

What should you do?

Answers

Explanations


A. B. C. D.

A.

https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys

The correct answer is D. Use the command gcloud projects get-iam-policy to view the current role assignments.

Explanation: As per the scenario, the objective is to review who has been granted the Project Owner role. The Project Owner role has the highest level of access to a Google Cloud Platform project, with permissions to manage all resources and settings within the project. It is essential to keep track of who has this role to maintain project security.

Option A, validating SSH keys stored as project-wide keys, is not relevant to the objective of reviewing who has the Project Owner role. SSH keys are used for secure communication with VM instances, and they do not relate to project ownership.

Option B, navigating to Identity-Aware Proxy and checking permissions, is not relevant to the objective of reviewing who has the Project Owner role. Identity-Aware Proxy is used to control access to web applications and resources, and it does not relate to project ownership.

Option C, enabling Audit Logs on the IAM & admin page for all resources, and validating the results, can help identify who has made changes to IAM policies, but it does not show who currently has the Project Owner role.

Option D, using the command gcloud projects get-iam-policy to view the current role assignments, is the correct answer as it shows the current IAM policy of the project, including who has the Project Owner role. The command lists the members and roles associated with the project, along with their respective permissions.

In summary, to review who has been granted the Project Owner role in a Google Cloud Platform project, use the command gcloud projects get-iam-policy to view the current role assignments.
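
The following is an added example, not part of the original page: a short Python script that takes the JSON printed by gcloud projects get-iam-policy PROJECT_ID --format=json and lists every member bound to roles/owner, with a follow-up note per member type. The sample policy, the identities in it and the function name owners are constructed for illustration.

```python
import json

# Constructed sample of `gcloud projects get-iam-policy PROJECT_ID --format=json` output.
SAMPLE_POLICY = """
{
  "bindings": [
    {"role": "roles/owner",
     "members": ["user:alice@example.com",
                 "group:platform-admins@example.com",
                 "serviceAccount:ci-deployer@example-project.iam.gserviceaccount.com",
                 "deleted:user:bob@example.com?uid=123456789012345678901"]},
    {"role": "roles/viewer", "members": ["user:carol@example.com"]}
  ],
  "etag": "BwXconstructed=",
  "version": 1
}
"""

# Review hints per member type (editorial suggestions, not gcloud output).
NOTES = {
    "group": "expand group membership; every member is effectively an owner",
    "serviceAccount": "check who can impersonate it or holds its keys",
    "deleted": "principal no longer exists; remove the stale binding",
}

def owners(policy_json, role="roles/owner"):
    """Return sorted (member_type, identity, note) tuples for every member bound to `role`."""
    policy = json.loads(policy_json)
    found = set()
    for binding in policy.get("bindings", []):
        if binding.get("role") != role:
            continue
        for member in binding.get("members", []):
            # Members look like "user:alice@example.com" or "deleted:user:...?uid=...".
            kind, _, identity = member.partition(":")
            if kind == "deleted":
                identity = identity.split("?uid=")[0]
            found.add((kind, identity, NOTES.get(kind, "")))
    return sorted(found)

if __name__ == "__main__":
    for kind, identity, note in owners(SAMPLE_POLICY):
        print(f"{kind:15} {identity:65} {note}")
```

The project-level policy only contains bindings set on the project itself; an Owner role inherited from a folder or the organization does not appear in it and has to be checked at those levels.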