- Audit
- IAM Audit
Checks performed
- Users Should Use Work Email For Access
- KMS Admin Roles Should Not Have CryptoKey Role
- User Managed Service Account Should Not Have Admin Priviledges
- Service Account Keys Should Be Rotated
- Keys Should Be Managed By Google
- Service Accounts Should Not Have Admin Privileges
- Users Should Not Have Service Account User Role
- Service Account Keys Should Be Managed By Google
- KMS Cryptokeys Should Not Be Public
- KMS Encryption Keys Should Be Rotated
- Cryptographic Keys Should Be Rotated