GCP-Cloud-Function-using-default-service-account

Severity: Low

Description: This control ensure that default service account is not used for Cloud function. A service account is an identity that an application use to send API request on your behalf. This identity allows one to access other google cloud resources.

Remediation Steps:

Perform following to update service account for cloud functions :

1. Sign in to GCP Console https://console.cloud.google.com.

2. Go to Cloud Functions in GCP Console.

3. Click on the affected function.

4. Click on Edit button.

5. Click on Environment variables, networking, timeouts and more in the list.

6. In Service Account dropdown, select the required Service Account.

7. Click Deploy.

Important:

Reference:

• https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--service-account

• https://cloud.google.com/functions/docs/