A company needs to allow a third-party auditor to view all Compute Engine resources in a project but not allow any modifications. The auditor must not have access to any other services. Which THREE steps should be taken?
Compute Viewer provides read-only access to Compute Engine resources.
Why this answer
The correct IAM role is Compute Viewer. To restrict access to only Compute Engine, do not grant other roles. The viewer role should be assigned at the project level to cover all Compute resources.