gcp_compliance

GCP Compliance

A service account is a special Google account that belongs to an application or a VM, instead of to an individual end-user. The application uses the service account to call the service's Google API so that users aren't directly involved. It's recommended not to use admin access for ServiceAccount.

iam_service_account_without_admin_privilege

soc_2_2017_cc_6_1_3

CC6.1.3

soc_2_2017_cc_6_1_4

CC6.1.4

soc_2_2017_cc_6_1_7

CC6.1.7

soc_2_2017_cc_6_1_8

CC6.1.8

soc_2_2017_cc_6_3_1

CC6.3.1

soc_2_2017_cc_6_3_2

CC6.3.2

soc_2_2017_cc_6_3_3

CC6.3.3

all_controls_iam

nist_800_53_rev_5_ac_6

Least Privilege (AC-6)

nist_csf_v10_pr_ac_4

PR.AC-4

Ensure that Service Account has no Admin privileges

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, Forseti Security and CFT Scorecard across all your GCP projects using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-gcp-compliance

Control: Ensure that Service Account has no Admin privileges

Description

Usage

SQL

Tags