Open deepakdimri-ce opened 3 years ago
Hi @daniel-cit, can you help with issue #207?
Hi @deepakdimri-ce. By your description, your example is triggering a SHA finding, not an ETD finding:
"textPayload": "Function error: rule \"primitive_roles_used\" not found\n",
which is the SHA finding PRIMITIVE_ROLES_USED:
A user has one of the following IAM basic roles: roles/owner, roles/editor, or roles/viewer.
These roles are too permissive and shouldn't be used.
Instead, they should be assigned per project only.
which is not a SHA finding supported by security-response-automation.
The revoke IAM function is not removing the anomalous IAM grant and is failing with the error. The sequence of events is: Editor Role is added to the user -> ETD detects the anomalous IAM grant -> notification is sent to the pub/sub topic -> router function is triggered and it ends with the below error: