IAM misconfigurations

User with Admin and standard user roles

Platform(s)
Compliance Frameworks

Brazilian General Data Protection (LGPD), CCM-CSA, CCPA, cis_8, CPRA, Data Security Posture Management (DSPM) Best Practices, essential_8_au, GCP CIS, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, PDPA, pipeda, UK Cyber Essentials

Description

The Service Account Admin role allows a user or identity to create, delete, and manage service accounts. The Service Account User role allows a user or identity to assign service accounts to apps or compute instances. To avoid security or privacy incidents and errors, no user should have the Service Account Admin and Service Account User roles assigned at the same time.
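One way to run this check against an exported IAM policy, as an added example (not code from the original page or from the product that publishes this rule). It assumes the policy JSON has the shape produced by `gcloud projects get-iam-policy PROJECT_ID --format=json`; the sample policy, member names and project name are constructed, and `members_by_role` and `sod_violations` are hypothetical helper names.

```python
import json

# GCP predefined role IDs for the two roles named in the description.
SA_ADMIN = "roles/iam.serviceAccountAdmin"
SA_USER = "roles/iam.serviceAccountUser"

# Constructed sample policy (not real data), in the shape of
# `gcloud projects get-iam-policy PROJECT_ID --format=json` output.
SAMPLE_POLICY = json.loads("""
{
  "bindings": [
    {"role": "roles/iam.serviceAccountAdmin",
     "members": ["user:alice@example.com", "group:platform@example.com"]},
    {"role": "roles/iam.serviceAccountUser",
     "members": ["user:alice@example.com", "user:bob@example.com",
                 "serviceAccount:ci@demo-project.iam.gserviceaccount.com"]},
    {"role": "roles/iam.serviceAccountUser",
     "members": ["group:platform@example.com"],
     "condition": {"title": "expires",
                   "expression": "request.time < timestamp('2030-01-01T00:00:00Z')"}},
    {"role": "roles/viewer", "members": ["user:carol@example.com"]}
  ]
}
""")


def members_by_role(policy):
    """Map each role to every member bound to it. A role can appear in several
    bindings when conditions are used; conditional grants are merged in and
    still count, since the member can hold the role while the condition is true."""
    out = {}
    for binding in policy.get("bindings", []):
        out.setdefault(binding["role"], set()).update(binding.get("members", []))
    return out


def sod_violations(policy, prefixes=("user:",)):
    """Return the sorted members that hold both roles in this policy.
    `prefixes` selects which member types to report (human users by default)."""
    roles = members_by_role(policy)
    both = roles.get(SA_ADMIN, set()) & roles.get(SA_USER, set())
    return sorted(m for m in both if m.startswith(prefixes))


if __name__ == "__main__":
    for member in sod_violations(SAMPLE_POLICY, prefixes=("user:", "group:")):
        print(f"FINDING: {member} holds both {SA_ADMIN} and {SA_USER}")
```

This only sees direct bindings in the one policy it is given: bindings inherited from a folder or organization, and users who receive the roles through group membership, need those policies and memberships evaluated as well.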