Control: Compute Instances should restrict IAM write permission
Description
This is control ensures that Compute Instance does not allow IAM write permissions.
Usage
Run the control in your terminal:
powerpipe control run gcp_compliance.control.compute_instance_no_iam_write_permissionSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run gcp_compliance.control.compute_instance_no_iam_write_permission --shareSQL
This control uses a named query:
compute_instance_no_iam_write_permission