💼 4.2 Ensure That Instances Are Not Configured To Use the Default Service Account With Full Access to All Cloud APIs - Level 1 (Automated)

ID: /frameworks/cis-gcp-v3.0.0/04/02

Description

To support principle of least privileges and prevent potential privilege escalation it is recommended that instances are not assigned to default service account Compute Engine default service account with Scope Allow full access to all Cloud APIs.

Similar

Sections
- /frameworks/cis-gcp-v2.0.0/04/02
Internal
- ID: dec-c-44f4cbc3

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS GCP v2.0.0 → 💼 4.2 Ensure That Instances Are Not Configured To Use the Default Service Account With Full Access to All Cloud APIs - Level 1 (Automated)			1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS GCP v2.0.0 → 💼 4.2 Ensure That Instances Are Not Configured To Use the Default Service Account With Full Access to All Cloud APIs - Level 1 (Automated)			1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ Google GCE Instance is configured to use the Default Service Account with full access to all Cloud APIs🟢	1	🟢 x6	no data

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​