ServiceNow CMDB CI relationship sync: faster, more complete →
Mods
GCP

Policy: GCP > KMS > Key Ring > Policy > Trusted Access

Check or Enforce access checking on the GCP KMS Key Ring policy.

Google Cloud IAM allows you to control who has access to the kms key ring via an IAM Policy. The Trusted Access policy allows you to configure whether Guardrails will evaluate or enforce restrictions on which members are allowed to be granted access.

If enabled, the members in the IAM policy will be evaluated against the list of allowed members in each of the Trusted Access sub-policies (Trusted Access > Domains, Trusted Access > Groups, etc).

If set to "Enforce: Trusted Access > *", access to non-trusted members will be removed.

Resource Types

This policy targets the following resource types:

Primary Policy

This policy is used with the following primary policy:

Controls

Policy Specification

Schema Type
string
Default
Skip
Valid Values [YAML]
  • Skip
    
  • Check: Trusted Access > *
    
  • Enforce: Trusted Access > *
    

Category

In Your Workspace

Developers