IAM misconfigurations

User with a Gmail personal account

Risk Level

Informational (4)



Gmail accounts are personally created and managed. Organizations don't have control over them. It is best practice to use corporate email accounts.
  • Recommended Mitigation

    Use email accounts that are corporate for better visibility, audit and control over access to GCP resources.