Control: GCP > CIS v2.0 > 4 - Virtual Machines > 4.02 - Ensure That Instances Are Not Configured To Use the Default Service Account With Full Access to All Cloud APIs

Resource Types

This control targets the following resource types:

• GCP > Compute Engine > Instance

Policies

This control type relies on these other policies when running actions:

• GCP > CIS v2.0
• GCP > CIS v2.0 > 4 - Virtual Machines > 4.02 - Ensure That Instances Are Not Configured To Use the Default Service Account With Full Access to All Cloud APIs
• GCP > CIS v2.0 > 4 - Virtual Machines

Category

• CIS > Controls v7 > 04 Controlled Use of Administrative Privileges > 4.07 Limit Access to Scripting Tools

In Your Workspace

• Controls by Resource report
• Controls by Control Type report

Developers

Control Type URI

tmod:@turbot/gcp-cisv2-0#/control/types/r0402

Category URI

tmod:@turbot/cis#/control/categories/v070407

GraphQL

query controlType(id: "tmod:@turbot/gcp-cisv2-0#/control/types/r0402") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/gcp-cisv2-0#/control/types/r0402'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/gcp-cisv2-0#/control/types/r0402"