Not Proper Email Account In Use

  • Query id: 9356962e-4a4f-4d06-ac59-dc8008775eaa
  • Query name: Not Proper Email Account In Use
  • Platform: Terraform
  • Severity: High
  • Category: Insecure Configurations
  • URL: Github

Description

Gmail accounts are being used instead of corporate credentials
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file
resource "google_project_iam_binding" "positive1" {
  project = "your-project-id"
  role    = "roles/editor"

  members = [
    "user:jane@gmail.com",
  ]
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file
resource "google_project_iam_binding" "negative1" {
  project = "your-project-id"
  role    = "roles/editor"

  members = [
    "user:jane@example.com",
  ]
}