Open JOSHUAJEBARAJ opened 1 week ago
Hello @JOSHUAJEBARAJ, we will review the issue you mention and get back to you soon.
Thanks for using Prowler 🚀
Hey folks, just wanted to let you know that I am happy to work on the patch if this issue is valid.
Sure @JOSHUAJEBARAJ, that would be awesome! Let us know if you need anything from our side 😄
Hey folks, when I run a Prowler scan on the IAM service in GCP, one of the checks, iam_sa_no_administrative_privileges, produces a false positive.
Steps to Reproduce
Access Approval Config Editor role to the service account in the project. Run a scan using the command below:
Expected behavior
According to the CIS benchmark, for the admin role, we should check if the word is present. For the owner and editor roles, we should look for an exact match. For example, only roles/Editor should be considered as the admin role, not the Access Approval Config Editor role.
Actual Result with Screenshots or Logs
A service account with a role that has the name editor or owner is marked as having admin privileges.
How did you install Prowler?
From pip package (pip install prowler)
Environment Resource
Running Locally
OS used
Ubuntu 22.04.4 LTS
Prowler version
Prowler 4.2.1
Pip version
pip 20.3.4
Context
No response
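The matching rule from "Expected behavior", set beside the substring matching reported under "Actual Result", as an added example that is not part of the original issue and not Prowler's own code. The function names, the sample bindings, and the role ID `roles/accessapproval.configEditor` (taken to be the ID behind the Access Approval Config Editor role) are assumptions.

```python
# Added illustration; not Prowler's implementation. All names are hypothetical.

# Constructed sample: IAM policy bindings in the shape of a GCP IAM policy.
SAMPLE_BINDINGS = [
    {"role": "roles/accessapproval.configEditor",  # assumed ID for the role in the issue
     "members": ["serviceAccount:sa-a@example-project.iam.gserviceaccount.com"]},
    {"role": "roles/editor",
     "members": ["serviceAccount:sa-b@example-project.iam.gserviceaccount.com"]},
    {"role": "roles/storage.admin",
     "members": ["serviceAccount:sa-c@example-project.iam.gserviceaccount.com",
                 "user:alice@example.com"]},
    {"role": "roles/viewer",
     "members": ["serviceAccount:sa-d@example-project.iam.gserviceaccount.com"]},
]

# Owner and editor count only as the exact basic roles.
EXACT_ADMIN_ROLES = {"roles/owner", "roles/editor"}


def is_admin_substring(role):
    """Reported behaviour: any role whose name contains admin, owner or editor."""
    lowered = role.lower()
    return any(word in lowered for word in ("admin", "owner", "editor"))


def is_admin_expected(role):
    """Expected behaviour: 'admin' anywhere; owner/editor only on exact match."""
    lowered = role.lower()  # case-insensitive, so "roles/Editor" also matches
    return "admin" in lowered or lowered in EXACT_ADMIN_ROLES


def flagged_service_accounts(bindings, matcher):
    """Return service-account members bound to any role the matcher flags."""
    flagged = set()
    for binding in bindings:
        if matcher(binding["role"]):
            flagged.update(m for m in binding["members"]
                           if m.startswith("serviceAccount:"))
    return flagged


def false_positives(bindings):
    """Service accounts flagged by substring matching but not by the expected rule."""
    return (flagged_service_accounts(bindings, is_admin_substring)
            - flagged_service_accounts(bindings, is_admin_expected))


if __name__ == "__main__":
    print(sorted(false_positives(SAMPLE_BINDINGS)))
```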