Aqua CSPM

Service Account Admin

Quick Info

Plugin TitleService Account Admin
CloudGOOGLE
CategoryIAM
DescriptionEnsures that user managed service accounts do not have any admin, owner, or write privileges.
More InfoService accounts are primarily used for API access to Google. It is recommended to not use admin access for service accounts.
GOOGLE Linkhttps://cloud.google.com/iam/docs/overview
Recommended ActionEnsure that no service accounts have admin, owner, or write privileges.

Detailed Remediation Steps