Vendor services misconfigurations

Cloud function with public invoker privileges

Description

GCP cloud function {GcpCloudFunction} was detected running with public invoker privileges, allowing any user on the internet to invoke the function.
  • Recommended Mitigation

    Restrict the permitted roles or restrict this behavior to specific and authorized users.