User with Admin and standard user roles

IAM misconfigurations

User with Admin and standard user roles

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
essential_8_au
GCP CIS
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Service Account admin Role allows the user/identity to create, delete, and manage service accounts. Service Account User Role allows the user/identity to assign service accounts to Apps/Compute Instances. No user should have Service Account Admin and Service Account User roles assigned at the same time to avoid security or privacy incidents and errors.

Recommended Mitigation

Make sure no user is assigned with Service Account Admin and Service Account User roles at the same time.

User with Admin and standard user roles

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS