GCP-Compute-VM-Instances-Least-Privilege
- naveen
Owned by naveen
Dec 08, 2021
1 min read
Loading data...
Severity : High
Description : To support the principle of least privilege and prevent potential privilege escalation, it is recommended that instances are not assigned to the default service account, Compute Engine default service account with a scope allowing full access to all cloud APIs.
Remediation Steps : For all instances, if the default service account is used, ensure full access to all cloud APIs is not configured.
Blue Hexagon Proprietary