ASSOCIATE-CLOUD-ENGINEER · Question #86
ASSOCIATE-CLOUD-ENGINEER Question #86: Real Exam Question with Answer & Explanation
The correct answer is C: gcloud projects get-iam-policy amazon-ace. To view all roles assigned to users within a specific Google Cloud project, the gcloud projects get-iam-policy command is used, specifying the project name.
Question
You are working on a project named amazon-ace, and want to list all the roles assigned to users in the project. Which of the following gcloud command would you use?
Options
- Agcloud iam list amazon-ace
- Bgcloud projects list amazon-ace
- Cgcloud projects get-iam-policy amazon-ace
- Dgcloud iam get-iam-policy amazon-ace
Explanation
To view all roles assigned to users within a specific Google Cloud project, the gcloud projects get-iam-policy command is used, specifying the project name.
Common mistakes.
- A. The
gcloud iam listcommand is not a valid or standardgcloudcommand for listing IAM policies on a project. - B. The
gcloud projects listcommand lists projects themselves, not the IAM policies or roles assigned within a specific project. - D. The
gcloud iam get-iam-policycommand is used to get IAM policies for resources other than projects, such as a service account or a specific resource, not directly for a project itself with this syntax;gcloud projects get-iam-policyis the correct project-specific command.
Concept tested. Listing project IAM policies with gcloud
Reference. https://cloud.google.com/sdk/gcloud/reference/projects/get-iam-policy
Community Discussion
No community discussion yet for this question.