github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/google/iam/AVD-GCP-0003/docs.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/google/iam/AVD-GCP-0003/docs.md (about)

     1  
     2  Permissions should not be directly granted to users, you identify roles that contain the appropriate permissions, and then grant those roles to the user. 
     3  
     4  Granting permissions to users quickly become unwieldy and complex to make large scale changes to remove access to a particular resource.
     5  
     6  Permissions should be granted on roles, groups, services accounts instead.
     7  
     8  ### Impact
     9  Users shouldn't have permissions granted to them directly
    10  
    11  <!-- DO NOT CHANGE -->
    12  {{ remediationActions }}
    13  
    14  ### Links
    15  - https://cloud.google.com/iam/docs/overview#permissions
    16  
    17  - https://cloud.google.com/resource-manager/reference/rest/v1/projects/setIamPolicy
    18  
    19