Aqua CSPM

Service Account User

Quick Info

Plugin TitleService Account User
CloudGOOGLE
CategoryIAM
DescriptionEnsures that no users have the Service Account User role.
More InfoThe Service Account User role gives users the access to all service accounts of a project. This can result in an elevation of privileges and is not recommended.
GOOGLE Linkhttps://cloud.google.com/iam/docs/overview
Recommended ActionEnsure that no service accounts have the Service Account User role attached.

Detailed Remediation Steps