You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
WunderGraph commits fully to Open Source and we want to make sure that we can help you as fast as possible.
The roadmap is driven by our customers and we have to prioritize issues that are important to them.
You can influence the priority by becoming a customer. Please contact us here.
Component(s)
router
Component version
latest
wgc version
latest
controlplane version
latest
router version
latest
What happened?
Detailed paths
Introduced through: resource › google_project_iam_member[cosmo-service-account-permissions]
https://github.com/cosmo/blob/main/infrastructure/router/modules/google-cloudrun/iam.tf
This issue is...
IAM user has Service Account User or Service Account Token Creator role assigned at project level
The impact of this is...
Users can impersonate service accounts and abuse the elevated permissions
You can resolve it by...
Remove roles/iam.serviceAccountUser and roles/iam.serviceAccountTokenCreator from project level bindings
Environment information
No response
Router configuration
No response
Router execution config
No response
Log output
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: