Optimize GCP Role Entitlements

Use the detail drawers on the Roles page to analyze and remediate identity risks associated with individual roles and their permissions in your GCP environment.

Manage Role Entitlements with Detail Drawers

To reduce the entitlements for a particular role, click on the role name to open the detail drawer and subtabs.

The Roles page organizes everything around the GCP role.

  • Summary: Displays the critical permissions issues detected for this user, sorted by Risk and Actionable Risk.
  • Remediation Strategies: Summarizes all the potential strategies to reduce the permissions for this user.

If Sysdig has been profiling a user for less than 90 days, you will see the following message:

We recommend a 90 day period to pass before applying remediation optimizations to establish a good baseline for used permissions.

Understand Role Permissions

Hover over the % Unused Permissions column to see the permissions granted to a role:

  • Total Permissions: The total number of permissions granted to a role.
  • Unused Permissions: The total number of unused permissions from all the bound entities.

Remediation Strategies

  • Detach Users from this Role

    All the Users that have not used any permissions from this bound role can be detached.

  • Detach Service Accounts from this Role

    All the Service Accounts that have not used any permissions from this bound role can be detached.

  • Detach Groups from this Role

    All the Groups that have not used any permissions from this bound role can be detached.
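
The three detach strategies above, worked through on a GCP IAM policy document. This is an added Python example, not Sysdig's code or part of the product: the custom role, policy, and per-principal usage map are constructed, and reading "unused" as "used by no bound principal" is an assumption.

```python
import copy

# Constructed sample data: a hypothetical custom role and its bindings.
ROLE = "projects/demo-project/roles/objectEditor"
ROLE_PERMISSIONS = {"storage.objects.create", "storage.objects.delete",
                    "storage.objects.get", "storage.objects.list"}
POLICY = {
    "etag": "BwXexample=",  # constructed; keep it so concurrent edits are rejected on write
    "bindings": [
        {"role": ROLE, "members": [
            "user:alice@example.com", "user:bob@example.com",
            "serviceAccount:etl@demo-project.iam.gserviceaccount.com",
            "group:analysts@example.com"]},
        {"role": "roles/viewer", "members": ["user:bob@example.com"]},
    ],
}
# Assumed input: permissions each principal was observed using over the
# baseline window (the page recommends 90 days before remediating).
USED = {
    "user:alice@example.com": {"storage.objects.get", "storage.objects.list"},
    "serviceAccount:etl@demo-project.iam.gserviceaccount.com": {"storage.objects.create"},
}
KIND = {"user": "Users", "serviceAccount": "Service Accounts", "group": "Groups"}

def analyze_role(policy, role, role_permissions, used):
    """Return permission totals and the principals that can be detached from role."""
    members = [m for b in policy["bindings"] if b["role"] == role for m in b["members"]]
    used_in_role, detach = set(), {label: [] for label in KIND.values()}
    for member in members:
        hits = used.get(member, set()) & role_permissions
        used_in_role |= hits
        label = KIND.get(member.split(":", 1)[0])
        if not hits and label:  # used nothing this role grants: detach candidate
            detach[label].append(member)
    unused = role_permissions - used_in_role
    pct = round(100 * len(unused) / len(role_permissions)) if role_permissions else 0
    return {"total": len(role_permissions), "unused": sorted(unused),
            "pct_unused": pct, "detach": detach}

def detach_members(policy, role, to_remove):
    """Return a copy of policy with to_remove dropped from role's bindings only."""
    new = copy.deepcopy(policy)
    for binding in new["bindings"]:
        if binding["role"] == role:
            binding["members"] = [m for m in binding["members"] if m not in to_remove]
    new["bindings"] = [b for b in new["bindings"] if b["members"]]
    return new
```

Bindings for other roles are left alone, so a principal detached here keeps whatever it is granted elsewhere.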