Skip to main content

🔌 Google IAM Policy Binding - object.extracts.yaml

  • Contextual name: 🔌 object.extracts.yaml
  • ID: /types/CA10__CaGoogleIamPolicyBinding__c/object.extracts.yaml

Used In

LogicPolicyFlags
🧠 prod.logic.yaml🟢🛡️ Google IAM Policy Binding Member (User) is assigned a basic role🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ Google IAM Roles related to KMS are not assigned to separate users🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ Google IAM Service Account has admin privileges🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ Google IAM Users are assigned the Service Account User or Service Account Token Creator roles at Project level🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ Google Project with KMS keys has a principal with Owner role🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ Google Resource Manager Organization has a Redis IAM role assigned🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ Google Storage Bucket is anonymously or publicly accessible🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ Google User has both Service Account Admin and Service Account User roles assigned🟢🟢 x3

Content

Open File

---
extracts:
  - name: "Name"
    value: 
      FIELD:
        path: "Name"
        undeterminedIf:
          isEmpty:  "Name should not be empty"
  - name: "CA10__membersAllUsers__c"
    value: 
      FIELD:
        path: "CA10__membersAllUsers__c"
        undeterminedIf:
          isEmpty:  "Field should not be empty"
  - name: "CA10__membersAllAuthenticatedUsers__c"
    value: 
      FIELD:
        path: "CA10__membersAllAuthenticatedUsers__c"
        undeterminedIf:
          isEmpty:  "Field should not be empty"