GCP-IAM-KMS-User-Separation
- naveen
Owned by naveen
Dec 08, 2021
1 min read
Loading data...
Severity : Medium
Description : Ensuring that no users have the KMS admin role and any one of the CryptoKey roles follows separation of duties, where no user should have access to resources out of the scope of duty.
Remediation Steps : Ensure that no service accounts have both the KMS admin role and any of CryptoKey roles attached.
Blue Hexagon Proprietary