Vendor services misconfigurations

Cloud function with policy members ‘all users’

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

GCP cloud function {GcpCloudFunction} was detected running with policy bindings with 'allUsers' in Members, allowing access to all users.
  • Recommended Mitigation

    Restrict the public access to the GCP cloud function to authorized users only.