Service Accounts

The Service Accounts page applies to GCP only and highlights the risks associated with your GCP service accounts.

The GCP CIEM data is in Technical Preview status.

Filter and Sort

Sortable Columns

Actionable Risk

Actionable Risk is calculated from unused permissions only, whereas Risk considers all permissions granted. It is designed to help you reach least-permissive access by surfacing the permissions that can be removed.

Values: Critical, High, Medium, Low

Risk

This is a calculation of risk based on all permissions. See also: Understanding Risk Scoring.

Values: Critical, High, Medium, Low

% of Unused Permissions

This shows unused permissions as a percentage of the total permissions granted to the service account, rendered as a percentage graph.

When remediating, start with the service accounts that have the greatest exposure and trim their permissions according to the suggestions.

Highest Access

See also: Understand Highest Access

Values:

  • Admin: Admin access granted
  • Write: Write access granted
  • Read: Read access granted
  • Empty Access: No permissions are granted at all

Findings

The findings for GCP service accounts focus on highly permissive Google IAM roles, service account key management, and lateral movement between projects:

  • Admin: Admin access granted
  • Multiple Access Keys Active: More than one user-managed key is active for the service account. Rotate keys (create the new key, roll it out, then delete the old one) rather than leaving several keys active at once.
  • Editor Role Applied: The GCP Editor role includes permissions to create and delete resources for most Google Cloud services.
  • User-Managed Key: User-managed keys are less secure than Google-managed keys: the private key leaves Google's control, does not expire by default, and must be protected and rotated by you, whereas Google-managed keys are rotated automatically.
  • Lateral Movement: Sysdig leverages findings from the GCP Recommender Insights API to detect when a service account can move laterally from one project to another because of the roles and permissions it is granted.
  • Owner Role Applied: The GCP project Owner role includes all Editor permissions plus many others, including the ability to manage IAM policies for the project.
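To make the findings above concrete, here is an added example (not Sysdig's code) that evaluates them over data you can export yourself. The finding names match this page, but the detection rules are simplified assumptions: Highest Access is inferred from role names rather than from the role's actual permissions, and Multiple Access Keys Active counts only user-managed keys that are neither disabled nor expired. The input shapes follow the JSON emitted by gcloud projects get-iam-policy PROJECT_ID --format=json and gcloud iam service-accounts keys list --iam-account=EMAIL --format=json; the project, emails and keys in the sample are constructed for the example.

```python
"""Evaluate GCP service account findings over exported IAM policy and key data.

Added illustration, not Sysdig's code. Detection rules are simplified assumptions.
"""
import json
from datetime import datetime, timezone

# Constructed project IAM policy (shape of `gcloud projects get-iam-policy`).
POLICY_JSON = json.dumps({
    "version": 1,
    "bindings": [
        {"role": "roles/owner",
         "members": ["user:alice@example.com",
                     "serviceAccount:deploy@demo.iam.gserviceaccount.com"]},
        {"role": "roles/editor",
         "members": ["serviceAccount:ci@demo.iam.gserviceaccount.com"]},
        {"role": "roles/compute.admin",
         "members": ["serviceAccount:ci@demo.iam.gserviceaccount.com"]},
        {"role": "roles/storage.objectViewer",
         "members": ["serviceAccount:reader@demo.iam.gserviceaccount.com"]},
    ],
})

# Constructed key listings per account (shape of `gcloud iam service-accounts keys list`).
SA = "projects/demo/serviceAccounts/"
FAR_FUTURE = "9999-12-31T23:59:59Z"   # default expiry of a user-managed key
KEYS_JSON = {
    "deploy@demo.iam.gserviceaccount.com": json.dumps([
        {"name": SA + "deploy@demo.iam.gserviceaccount.com/keys/k1", "keyType": "USER_MANAGED", "validBeforeTime": FAR_FUTURE},
        {"name": SA + "deploy@demo.iam.gserviceaccount.com/keys/k2", "keyType": "USER_MANAGED", "validBeforeTime": FAR_FUTURE},
        {"name": SA + "deploy@demo.iam.gserviceaccount.com/keys/k3", "keyType": "USER_MANAGED", "validBeforeTime": FAR_FUTURE, "disabled": True},
        {"name": SA + "deploy@demo.iam.gserviceaccount.com/keys/k4", "keyType": "SYSTEM_MANAGED", "validBeforeTime": "2026-03-01T00:00:00Z"},
    ]),
    "ci@demo.iam.gserviceaccount.com": json.dumps([
        {"name": SA + "ci@demo.iam.gserviceaccount.com/keys/k5", "keyType": "USER_MANAGED", "validBeforeTime": "2020-01-01T00:00:00Z"},
        {"name": SA + "ci@demo.iam.gserviceaccount.com/keys/k6", "keyType": "SYSTEM_MANAGED", "validBeforeTime": "2026-03-01T00:00:00Z"},
    ]),
    "reader@demo.iam.gserviceaccount.com": json.dumps([
        {"name": SA + "reader@demo.iam.gserviceaccount.com/keys/k7", "keyType": "SYSTEM_MANAGED", "validBeforeTime": "2026-03-01T00:00:00Z"},
    ]),
}
# Constructed inventory (shape of `gcloud iam service-accounts list`); idle@ has no bindings.
ACCOUNTS = list(KEYS_JSON) + ["idle@demo.iam.gserviceaccount.com"]
FIXED_NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)   # reference time for the sample
ACCESS_RANK = {"Empty Access": 0, "Read": 1, "Write": 2, "Admin": 3}


def role_access(role):
    """Classify a role as Admin/Write/Read from its name (assumption: Sysdig
    derives Highest Access from the role's real permission list instead)."""
    short = role.rsplit("/", 1)[-1].lower()
    if short == "owner" or short.endswith("admin"):
        return "Admin"
    if short == "editor" or short.endswith(("editor", "creator", "writer")):
        return "Write"
    return "Read"


def service_account_roles(policy_json):
    """Return {email: set(roles)} for every serviceAccount member in the policy."""
    roles = {}
    for binding in json.loads(policy_json).get("bindings", []):
        for member in binding.get("members", []):
            if member.startswith("serviceAccount:"):
                roles.setdefault(member.split(":", 1)[1], set()).add(binding["role"])
    return roles


def active_user_keys(keys_json, now):
    """Return (count of user-managed keys that are neither disabled nor expired,
    whether any user-managed key exists at all). System-managed keys are ignored."""
    user_keys = [k for k in json.loads(keys_json) if k.get("keyType") == "USER_MANAGED"]
    active = 0
    for k in user_keys:
        expires = datetime.fromisoformat(k["validBeforeTime"].replace("Z", "+00:00"))
        if not k.get("disabled", False) and expires > now:
            active += 1
    return active, bool(user_keys)


def evaluate(policy_json, keys_by_email, accounts=(), now=None):
    """Produce {email: {"highest_access": level, "findings": [names]}}."""
    now = now or datetime.now(timezone.utc)
    roles_by_email = service_account_roles(policy_json)
    report = {}
    for email in sorted(set(accounts) | set(roles_by_email)):
        roles = roles_by_email.get(email, set())
        highest = max((role_access(r) for r in roles), key=ACCESS_RANK.get, default="Empty Access")
        findings = []
        if "roles/owner" in roles:
            findings.append("Owner Role Applied")
        if "roles/editor" in roles:
            findings.append("Editor Role Applied")
        if highest == "Admin":
            findings.append("Admin")
        active, has_user_key = active_user_keys(keys_by_email.get(email, "[]"), now)
        if has_user_key:
            findings.append("User-Managed Key")
        if active > 1:
            findings.append("Multiple Access Keys Active")
        report[email] = {"highest_access": highest, "findings": findings}
    return report


if __name__ == "__main__":
    for email, row in evaluate(POLICY_JSON, KEYS_JSON, ACCOUNTS, FIXED_NOW).items():
        print(email, row["highest_access"], row["findings"])
```

Two details are worth noting. The disabled key k3 and the expired key k5 still trigger User-Managed Key, because the key material exists and can be re-enabled or was once valid, but only keys that are currently usable count toward Multiple Access Keys Active. The Lateral Movement finding is not reproduced here: it depends on the Recommender Insights API rather than on anything in the IAM policy or key listing.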

Available Filters

  • Search: Free text search on terms in the resource name
  • Actionable Risks: By severity
  • Cloud Accounts: GCP cloud account name/number
  • Access Categories: Admin, Write, Read, or Empty Access
  • Findings: Admin, Multiple Access Keys Active, Editor Role Applied, User-Managed Key, Lateral Movement, Owner Role Applied