Domain-Wide Delegation Permissions
GCP CIEM product editions fall into two main categories: CIEM Basic and CIEM Advanced. CIEM Advanced facilitates domain-wide delegation, allowing a Google Workspace super administrator to entrust a service account with the capability to gather Google IAM and Workspace resources. This is crucial for conducting routine cloud scans and IAM evaluations. Following is a comparative list of features supported across both editions.
GCP Users
| Permissions | CIEM Basic | CIEM Advanced (Domain-Wide Delegation) |
|---|---|---|
| Risk Findings |
|
|
| Profiling Label | Learning | Learning |
| Permissions Calculation | Available | Available |
| Highest Access Evaluation | Available | Available |
| Risk Scoring | Available | Available |
| Role Remediations | Available | Available |
| Download CSV Reports | Available | Available |
GCP Service Accounts
| Permissions | CIEM Basic | CIEM Advanced (Domain-Wide Delegation) |
|---|---|---|
| Risk Findings |
|
|
| Profiling Label | Learning | Learning |
| Permissions Calculation | Available | Available |
| Highest Access Evaluation | Available | Available |
| Risk Scoring | Available | Available |
| Role Remediations | Available | Available |
| Download CSV Reports | Available | Available |
GCP Groups
| Permissions | CIEM Basic | CIEM Advanced (Domain-Wide Delegation) |
|---|---|---|
| Risk Findings |
|
|
| Profiling Label | Learning | Learning |
| Permissions Calculation | Unavailable | Available |
| Highest Access Evaluation | Available | Available |
| Risk Scoring | Unavailable | Available |
| Role Remediations | Unavailable | Available |
| Download CSV Reports | Available | Available |
GCP Roles
| Permissions | CIEM Basic | CIEM Advanced (Domain-Wide Delegation) |
|---|---|---|
| Risk Findings |
| |
| Profiling Label | Learning | Learning |
| Permissions Calculation | Available | Available |
| Highest Access Evaluation | Available | Available |
| Risk Scoring | Available | Available |
| Role Remediations | Available | Available |
| Download CSV Reports | Available | Available |
| Membership Evaluation | Unavailable | Available |
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.