- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Security best practices recommend that the principle of ‘Separation of Duties’ is enforced while assigning service-account related roles to users. This is achieved by ensuring that no user has the Service Account Admin and Service Account User roles assigned at the same time.
The predefined IAM role Service Account admin
allows the user/identity to
create, delete, and manage service account(s). The predefined IAM role Service Account User
allows the user/identity (with adequate privileges on Compute and App Engine) to assign service account(s) to Apps/Compute instances.
Separation of duties is the concept of ensuring that one individual does not have all necessary permissions to be able to complete a malicious action. Using Cloud IAM service accounts, a malicious user could assume the identity of a service account to access resources that they otherwise cannot access.
Separation of duties is a business control typically used in larger organizations, meant to help avoid security or privacy incidents and errors. It is considered a best practice.
No user should have Service Account Admin
and Service Account User
roles assigned
at the same time.
IAM & Admin/IAM
using https://console.cloud.google.com/iam-admin/iamService Account Admin
and Service Account User
roles granted/assigned, click the Delete Bin
icon to remove either role from the member.Removal of a role should be done based on the business requirements.
The removed role should be assigned to a different user based on business needs.
Users granted the Owner (roles/owner) and Editor (roles/editor) roles have privileges equivalent to Service Account Admin and Service Account User. To avoid misuse, Owner and Editor roles should be granted to a very limited number of users. Use of these primitive privileges should be minimal. These requirements are addressed in separate recommendations.