Create a new service account, assign it only the permissions your instance needs, and ensure that the instance is not configured to allow the 'cloud-platform' scope.

## Remediation
---
>1. Sign in to the GCP Console and go to the **[VM instances](https://console.cloud.google.com/compute/instances)** page.
>2. Click the name of the VM instance whose service account you want to change.
>3. If the instance is not stopped, at the top of the page under **More actions** click **Stop**. Wait for the instance to be stopped.
>4. Next, click **Edit**.
>5. Scroll down to the **Service Account** section.
>6. From the drop-down list, select a service account with the relevant scope to assign to the instance.
>7. Click **Save** to save your changes.
>8. At the top of the page under **More actions** click **START / RESUME** to run the instance.
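
To find which instances need the steps above, the following added example (not part of the original page) audits the JSON produced by `gcloud compute instances list --format=json` for the 'cloud-platform' scope and builds the equivalent `gcloud` stop / set-service-account / start commands. The sample inventory, the `audit` and `remediation_commands` helpers, and the replacement service account and scope are constructed assumptions.

```python
import json

CLOUD_PLATFORM = "https://www.googleapis.com/auth/cloud-platform"
ZONES = "https://www.googleapis.com/compute/v1/projects/example-proj/zones/"

# Constructed sample in the shape of `gcloud compute instances list --format=json`.
SAMPLE = json.loads("""[
 {"name": "web-1", "status": "RUNNING", "zone": "%(z)sus-central1-a",
  "serviceAccounts": [{"email": "web-sa@example-proj.iam.gserviceaccount.com",
    "scopes": ["https://www.googleapis.com/auth/cloud-platform"]}]},
 {"name": "batch-1", "status": "TERMINATED", "zone": "%(z)seurope-west1-b",
  "serviceAccounts": [{"email": "batch-sa@example-proj.iam.gserviceaccount.com",
    "scopes": ["https://www.googleapis.com/auth/devstorage.read_only",
               "https://www.googleapis.com/auth/cloud-platform"]}]},
 {"name": "db-1", "status": "RUNNING", "zone": "%(z)sus-central1-a",
  "serviceAccounts": [{"email": "db-sa@example-proj.iam.gserviceaccount.com",
    "scopes": ["https://www.googleapis.com/auth/logging.write"]}]},
 {"name": "isolated-1", "status": "RUNNING", "zone": "%(z)sus-central1-a"}
]""" % {"z": ZONES})

def audit(instances):
    """Return one finding per instance whose service account allows cloud-platform."""
    findings = []
    for inst in instances:
        # Instances with no attached service account have no serviceAccounts key.
        for sa in inst.get("serviceAccounts") or []:
            if CLOUD_PLATFORM in sa.get("scopes", []):
                findings.append({
                    "name": inst["name"],
                    "zone": inst["zone"].rsplit("/", 1)[-1],  # zone is a URL
                    "email": sa["email"],
                    # A stopped instance reports status TERMINATED.
                    "was_running": inst.get("status") != "TERMINATED",
                })
    return findings

def remediation_commands(finding, new_sa, scopes):
    """Build argv lists mirroring the console steps; nothing is executed here."""
    base = ["gcloud", "compute", "instances"]
    target = [finding["name"], "--zone", finding["zone"]]
    cmds = [base + ["stop"] + target] if finding["was_running"] else []
    cmds.append(base + ["set-service-account"] + target +
                ["--service-account", new_sa, "--scopes", ",".join(scopes)])
    if finding["was_running"]:  # choice made here: restart only what was running
        cmds.append(base + ["start"] + target)
    return cmds

if __name__ == "__main__":
    for f in audit(SAMPLE):
        # Hypothetical replacement account and scope; substitute your own.
        for cmd in remediation_commands(f, "least-priv-sa@example-proj.iam.gserviceaccount.com",
                                        ["https://www.googleapis.com/auth/logging.write"]):
            print(" ".join(cmd))
```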