Google Cloud Exam: Ace Associate Cloud Engineer - How to Securely Share Resources with External Auditors

How to Securely Share Resources with External Auditors

Question

Your management has asked an external auditor to review all the resources in a specific project.

The security team has enabled the Organization Policy called Domain Restricted Sharing on the organization node by specifying only your Cloud Identity domain.

You want the auditor to only be able to view, but not modify, the resources in that project.

What should you do?

Answers

Explanations


A. B. C. D.

C.

To meet the requirement of allowing an external auditor to review all the resources in a specific project while ensuring that they cannot modify any resources, you should give the auditor the appropriate level of access to the project. However, it's also important to consider the security measures in place to ensure that the auditor can only access the project and not any other resources in the organization.

Option A suggests giving the auditor the Viewer role on the project. This would allow them to view all resources in the project but not modify them. However, it does not take into account the security policy in place, and the auditor may be able to access other resources in the organization.

Option B suggests giving the auditor the Security Reviewer role on the project. This role can view all resources in the project and perform security-related actions, but it cannot modify any resources. This option is a better fit for the requirement but does not consider the security policy in place.

Option C suggests creating a temporary account for the auditor in Cloud Identity and giving that account the Viewer role on the project. This option ensures that the auditor does not have access to any other resources in the organization and only has access to the specific project they need to review.

Option D suggests creating a temporary account for the auditor in Cloud Identity and giving that account the Security Reviewer role on the project. This option provides the appropriate level of access and also ensures that the auditor does not have access to any other resources in the organization.

Overall, options C and D are the best fit for the requirement, as they consider both the level of access needed and the security policy in place. The final decision between these options would depend on the specific policies and procedures of the organization.
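The following check is an added example, not part of the original question or its explanation. It reads a project IAM policy export and reports members outside the Cloud Identity domain, plus any binding that gives the auditor more than the Viewer role. The domain `example.com`, the auditor account name, and the sample policy are constructed, and matching members by e-mail domain is a simplification made for the example.

```python
import json

ALLOWED_DOMAIN = "example.com"              # assumed Cloud Identity domain
AUDITOR = "user:auditor-temp@example.com"   # assumed temporary auditor account
READ_ONLY_ROLES = {"roles/viewer"}          # the role granted in the page's answer

# Constructed policy in the shape of `gcloud projects get-iam-policy --format=json`.
SAMPLE_POLICY = json.loads("""
{"bindings": [
  {"role": "roles/owner",  "members": ["user:admin@example.com"]},
  {"role": "roles/viewer", "members": ["user:auditor-temp@example.com",
                                       "user:auditor@auditfirm.example"]},
  {"role": "roles/editor", "members": ["user:auditor-temp@example.com",
                                       "serviceAccount:build@demo.iam.gserviceaccount.com"]}
]}
""")

def member_domain(member):
    """Domain of a user:/group:/domain: member; None for other member types."""
    kind, _, value = member.partition(":")
    if kind == "domain":
        return value.lower()
    if kind in ("user", "group") and "@" in value:
        return value.rsplit("@", 1)[1].lower()
    return None  # service accounts and special principals are not matched by domain here

def audit_policy(policy, allowed_domain=ALLOWED_DOMAIN, auditor=AUDITOR):
    """Return (member, role, reason) findings for the two requirements in the question."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding["role"]
        for member in binding.get("members", []):
            domain = member_domain(member)
            if member in ("allUsers", "allAuthenticatedUsers"):
                findings.append((member, role, "public principal"))
            elif domain is not None and domain != allowed_domain:
                findings.append((member, role, "outside allowed domain"))
            if member == auditor and role not in READ_ONLY_ROLES:
                findings.append((member, role, "auditor role is not read-only"))
    return findings

def auditor_has_view_access(policy, auditor=AUDITOR):
    """True if the auditor account holds a read-only role in the policy."""
    return any(auditor in b.get("members", []) and b["role"] in READ_ONLY_ROLES
               for b in policy.get("bindings", []))

if __name__ == "__main__":
    for finding in audit_policy(SAMPLE_POLICY):
        print(finding)
```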