IAM misconfigurations

Over privileged Vm instance

Platform(s)
Compliance Frameworks

Description

We have found a Vm instance with full access to all Cloud APIs that is using the default service account. To support principle of least privileges and prevent potential privilege escalation it is recommended that instances are not assigned to default service account Compute Engine default service account with Scope Allow full access to all Cloud APIs.
Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.