ellefc
Reputation: 273
Is it possible to view a list of all resources with a specific permission?
I would like to quickly identify where a specific permission is applied across my whole GCP estate. For example I would like to know what resources are configured with the permission iam.serviceAccounts.actAs
Is there a command for this?
Upvotes: 2
Views: 251
Answers (1)
John Hanley
Reputation: 81336
No. You will need to check: 1) IAM in each project. 2) Every resource in your Google Project that supports identity (Compute Engine, Cloud Functions, etc.). 3) Each organization and folder as roles can be inherited. 4) Each Cloud Storage object also supports identity but not actAs.
The design of Google Cloud does not make this task easy nor bulletproof.
Upvotes: 2
Related Questions
- How to list all the IAM roles that include a given permission in GCP
- GCP - Deny Permissions for Specific Resources
- Google Cloud: How to list granted permission for user or service account?
- GCP Command to Read All User's Permissions
- How can i list all resources across my whole GCP estate that have a specific role?
- Google Cloud Platform: How to fetch permissions assigned for particular Identity across all GCP resources via REST call
- Google Cloud - permissions by resource Label or ID
- Get list of assets/resource for a given project in GCP without any organization level permissions
- Can I get a list of all resources for which a user has been added to a role?
- GCP: List grantable roles per resource