Terrascan warns against using the cloud-platform scope for Google Compute Engine VMs

Open ferrarimarco opened this issue 3 years ago • 0 comments

  • terrascan version: 1.12.0
  • Operating System: Alpine Linux

Description

Terrascan reports a violation when using the cloud-platform scope for Compute Engine virtual machines. According to https://cloud.google.com/compute/docs/access/service-accounts#accesscopesiam:

A best practice is to set the cloud-platform access scope on the instance, then control the service account's API access with IAM roles.

Maybe Terrascan shouldn't enforce not using the cloud-platform scope?

ferrarimarco, Nov 23 '21 14:11