IAM misconfigurations

User with an Administrative Primitive Role (Owner/Editor)

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

Primitive roles are roles that existed prior to the introduction of IAM in GCP. These roles are very powerful and include a large number of permissions across all Google Cloud services. The user {GcpUser} was found with the primitive administrative role "{GcpUser.PolicyBindings.Role}". This role allows the user broad administrative permissions at the {GcpUser.PolicyBindings.Policy.Scope} level.
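One way to check an exported IAM policy for this finding, as an added example that is not the scanning product's own code. It assumes the policy JSON shape returned by `gcloud projects get-iam-policy --format=json`; the function name, scope string and accounts are constructed for illustration.

```python
# Primitive administrative roles named in this finding's title (Owner/Editor).
ADMIN_PRIMITIVE_ROLES = {"roles/owner", "roles/editor"}

# Constructed sample policy; in practice this is json.load() of the exported policy.
SAMPLE_POLICY = {
    "version": 3,
    "bindings": [
        {"role": "roles/owner",
         "members": ["user:alice@example.com",
                     "serviceAccount:ci@demo-project.iam.gserviceaccount.com"]},
        {"role": "roles/editor",
         "members": ["user:bob@example.com", "group:devs@example.com"],
         "condition": {"title": "temporary",
                       "expression": "request.time < timestamp('2030-01-01T00:00:00Z')"}},
        {"role": "roles/viewer", "members": ["user:carol@example.com"]},
        {"role": "roles/storage.admin", "members": ["user:alice@example.com"]},
    ],
}


def find_primitive_admin_users(policy, scope):
    """Return one finding per user account bound to Owner or Editor.

    `scope` is a label for where the policy is attached (hypothetical format,
    e.g. "projects/demo-project"); it is only echoed into the finding.
    """
    findings = []
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        if role not in ADMIN_PRIMITIVE_ROLES:
            continue  # predefined and custom roles are out of scope here
        for member in binding.get("members", []):
            kind, _, identity = member.partition(":")
            if kind != "user":
                continue  # this finding covers user accounts only
            findings.append({
                "user": identity,
                "role": role,
                "scope": scope,
                # A conditional binding narrows when the role applies,
                # but the grant is still a primitive role.
                "conditional": "condition" in binding,
            })
    return sorted(findings, key=lambda f: (f["user"], f["role"]))


if __name__ == "__main__":
    for finding in find_primitive_admin_users(SAMPLE_POLICY, "projects/demo-project"):
        print(finding)
```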