Policy Settings
The Enforce GCP IAM User-Managed Service Accounts Belong To Trusted Domains And Users policy pack has 3 policy settings:
Policy | Setting | Note |
---|---|---|
GCP > IAM > Service Account > Policy > Trusted Access | Check: Trusted Access > * | |
GCP > IAM > Service Account > Policy > Trusted Access > Domains | - example.com - acme.com | |
GCP > IAM > Service Account > Policy > Trusted Access > Users | - "*@example.com" - "*@acme.com" |