Granting the 'iam.serviceAccountUser' or 'iam.serviceAserviceAccountTokenCreatorccountUser' roles to a user for a project gives the user access to all service accounts...
Removing orphaned and unused IAM groups eliminates the risk that a forgotten group will be used accidentally to allow unauthorized...
IAM group '{AwsIamGroup}' is using inline policies. Ensure that your IAM groups are using managed policies instead of inline policies...
This control checks whether the IAM identity-based policies that you create have Allow statements that use the * wildcard to...
The user {GcpUser} was granted an access to BigQuery as an Admin or Data Owner or Data Editor. This can...
The internet-facing asset {AwsEc2Instance} ({AwsEc2Instance.InstanceId}) was found to have full access to your EC2 resources. Instance Profiles with the AmazonEC2FullAccess...
RBAC is not enabled in {AzureAksCluster}. By enabling and configuring RBAC in your Kubernetes cluster you can grant users, groups,...
The AWS EC2 Instance was found to have full administrative privileges to your account. Instance Profiles with full administrative privileges...
User has roles which allows Privilege escalation, while the user does not have multi-factor authentication activated. If the user will...
