IAM misconfigurations

User with Administrative Privileges within Resource Scope


The User '{GcpUser}' was granted an administrative role ({GcpUser.PolicyBindings.Role}) at the resource level ({GcpUser.PolicyBindings.Policy.Scope}). This role allows the user to perform all actions on the resource. Users should be provided only with the permissions they require. If the user does not require all actions, this role should be replaced with a less privileged one
  • Recommended Mitigation

    It is recommended to provide a user with only the necessary permissions. Evaluate the user's permissions and consider removing the binding to {GcpUser.PolicyBindings.Role}