Cloud Run Principle of Least Privilege

Опубликовано 23 мая 2024, 16:00

There are two security settings for Cloud Run services: what can trigger the service and what the service can do when it runs. Developers often forget about the latter, which can lead to lost data and cost overruns. Follow along as JK Gunnink shows Martin Omander how to tighten security by applying the Principle of Least Privilege to a Cloud Run service.

Chapters:
0:00 - Intro
0:52 - The two security settings in Cloud Run
3:08 - How to apply the principle
4:18 - Creating a service account
5:14 - Creating a new role
6:38 - Granting the role to the service account
7:12 - Naming
7:56 - Creating roles and service account at scale
8:52 - Wrap up

Resources:
Cloud Run access control → goo.gle/3UrDOA8
Naming section of the Enterprise foundations blueprint → goo.gle/3UU4WcC
Cloud Run Terraform module: → goo.gle/4bfSsl9

Checkout more episodes of Serverless Expeditions → goo.gle/ServerlessExpeditions
Subscribe to Google Cloud Tech → goo.gle/GoogleCloudTech

#ServerlessExpeditions