GCP SCC detects that a permission has been granted to a non-Solvay account.
Further investigation is required to determine which action to perform.
The GCP Security team will need to evaluate based on the actions below:
| Actions | Follow up |
|---|---|
| Check whether the granted account is a service account. | Service account - Close finding. Check with owner - Check the reason and remove the account. |
See the table below for recommended action after investigation.
| Follow up | Action |
|---|---|
| Check with owner. | Confirm with the owner that the permission may only be granted to a Solvay account or a service account from GCP. If there is no valid reason, remove the account. |
| Close finding. | Update the JIRA ticket's remediation action to "False positive. Permission granted to service account." and close the ticket. |

```json
{
  "sensitiveRoleGrant": {
    "principalEmail": "xxx@xxx.com",
    "bindingDeltas": [
      {
        "action": "ADD",
        "role": "roles/xxx",
        "member": "xxx@xxx.com"
      }
    ],
    "members": ["user:xxx@xxx.com"]
  }
}
```
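
The triage in the tables above can be run directly against the finding JSON. The Python below is an added example, not part of the original playbook: the sample finding is constructed, and the function names, the choice to triage only `ADD` deltas, and recognising service accounts by the `serviceAccount:` prefix or a `gserviceaccount.com` domain are assumptions of this example.

```python
import json

# Constructed sample in the shape of the finding above (all values are made up).
SAMPLE_FINDING = json.loads("""
{"sensitiveRoleGrant": {
   "principalEmail": "admin@example.com",
   "bindingDeltas": [
     {"action": "ADD", "role": "roles/owner",
      "member": "build-bot@demo-project.iam.gserviceaccount.com"},
     {"action": "ADD", "role": "roles/editor", "member": "contractor@example.net"},
     {"action": "REMOVE", "role": "roles/viewer", "member": "old@example.net"}],
   "members": ["serviceAccount:build-bot@demo-project.iam.gserviceaccount.com",
               "user:contractor@example.net"]}}
""")

CLOSE = "Close finding"
CHECK = "Check with owner"


def is_service_account(member, typed_members=()):
    """Decide by IAM type prefix when one is available, else by e-mail domain."""
    if ":" not in member:
        # Untyped e-mail (as in the bindingDeltas above): find its typed form in "members".
        member = next((m for m in typed_members
                       if m.split(":", 1)[-1].lower() == member.lower()), member)
    if ":" in member:
        # Any other prefix (user, group, deleted, ...) goes to owner review.
        return member.split(":", 1)[0] == "serviceAccount"
    domain = member.rsplit("@", 1)[-1].lower()
    # Match the domain exactly or as a parent domain, not as a loose string suffix.
    return domain == "gserviceaccount.com" or domain.endswith(".gserviceaccount.com")


def triage(finding):
    """Return one row per ADDed binding with the follow-up from the tables above."""
    grant = finding["sensitiveRoleGrant"]
    typed = grant.get("members", [])
    rows = []
    for delta in grant.get("bindingDeltas", []):
        if delta.get("action") != "ADD":
            continue  # assumption: only newly granted bindings need triage
        follow_up = CLOSE if is_service_account(delta["member"], typed) else CHECK
        rows.append({"member": delta["member"], "role": delta["role"],
                     "granted_by": grant.get("principalEmail"), "follow_up": follow_up})
    return rows


if __name__ == "__main__":
    for row in triage(SAMPLE_FINDING):
        print(row)
```

Rows marked "Check with owner" still need the manual confirmation described in the table; the script only sorts findings into the two follow-up paths.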