Tag
gcp-iam
Safeguard articles tagged "gcp-iam" — guides, analysis, and best practices for software supply chain and application security.
4 articles
Application Security
GCP IAM security best practices
GCP IAM misconfigurations, not exploits, cause most cloud breaches. Here is how to enforce least privilege, lock down service accounts, and audit access.
Jun 19, 20267 min read
Cloud Security
How to implement least privilege for GCP service accounts
A step-by-step guide to auditing, scoping, and enforcing least privilege service accounts GCP-wide — including key rotation and IAM audit workflows.
Feb 7, 20267 min read
Cloud Security
Applying least-privilege principles to GCP IAM roles
Predefined roles, custom roles, IAM Recommender, and service account hygiene: a practical guide to applying GCP IAM least privilege without breaking production.
Jan 12, 20267 min read
Cloud Security
GCP IAM privilege escalation paths explained
Attackers escalate GCP privilege using IAM actAs chains, default Editor service accounts, and Cloud Build tokens -- no exploit code required.
Nov 3, 20257 min read