ASSOCIATE-CLOUD-ENGINEER · Question #131
ASSOCIATE-CLOUD-ENGINEER Question #131: Real Exam Question with Answer & Explanation
The correct answer is D: Add the user to roles/iam.serviceAccountAdmin role.. To allow a user to manage service accounts, grant one of the following roles: Service Account User (roles/iam.serviceAccountUser): Includes permissions to list service accounts, get details about a service account, and impersonate a service account. Service Account Admin (roles/i
Question
Your organization has a dedicated person who creates and manages all service accounts for Google Cloud projects. You need to assign this person the minimum role for projects. What should you do?
Options
- AAdd the user to roles/iam.roleAdmin role.
- BAdd the user to roles/iam.securityAdmin role.
- CAdd the user to roles/iam.serviceAccountUser role.
- DAdd the user to roles/iam.serviceAccountAdmin role.
Explanation
To allow a user to manage service accounts, grant one of the following roles: Service Account User (roles/iam.serviceAccountUser): Includes permissions to list service accounts, get details about a service account, and impersonate a service account. Service Account Admin (roles/iam.serviceAccountAdmin): Includes permissions to list service accounts and get details about a service account. Also includes permissions to create, update, and delete service accounts, and to view or change the IAM policy on a service account.
Community Discussion
No community discussion yet for this question.