Control: GCP > Project > Policy > Trusted Access
Take an action when GCP Project IAM policy is not trusted based on the GCP > Project > Policy > Trusted Access > *
policies.
The Trusted Access control evaluates the IAM policy against the list of allowed members in each of the Trusted Access sub-policies (Trusted Access > Domains, Trusted Access > Groups, etc)., this control raises an alarm and takes the defined enforcement action.
If set to "Enforce: Trusted Access > *", access to non-trusted members will be removed.
Resource Types
This control targets the following resource types:
Primary Policies
The following policies can be used to configure this control:
- Trusted Access
- Trusted Access > Domains
- Trusted Access > Groups
- Trusted Access > Service Accounts
- Trusted Access > Users
Category
In Your Workspace
Developers
- tmod:@turbot/gcp-iam#/control/types/projectIamPolicyTrustedAccess
- tmod:@turbot/turbot#/control/categories/securityTrustedAccess
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/gcp-iam#/control/types/projectIamPolicyTrustedAccess"
Get Controls
Control Type URI
Category URI
GraphQL
CLI