Risk Level: High
Cloud Entity: GCP IAM User
CloudGuard Rule ID: D9.GCP.IAM.20
Covered by Spectral: No
Category: Security, Identity, & Compliance
GcpIamUser where userData.suspended=true should have userData.lastLoginTime after(-6,'months')
- Go to Admin console : https://admin.google.com
- From the Admin console Home page, go to Users.
- In the Users list, find the user.
- Point to the user you want to delete and click Moreand thenDelete user
- Depending on your privileges as an admin, choose an option:
- Delegated admins : To confirm that you understand the impact of deleting the account, check the boxes.
- Super admins: To transfer ownership of user content:
If you don't want to transfer the user's data, next to Data in other apps, select Don't transfer data.
If you do want to transfer the user's data:
a. Next to Data in other apps, select Transfer.
b. In the Search for a user field, enter the name or email address of the user to whom you want to transfer the files deleted users files.
c. Under Select data to transfer, check the boxes next to each option you want.
- Click Delete User.
An IAM user is an entity that you create in GCP to represent the person or service that uses it to interact with GCP.
- CloudGuard GCP All Rules Ruleset
- GCP CloudGuard Best Practices
- GCP GDPR Readiness
- GCP LGPD regulation
- GCP MITRE ATT&CK Framework v12.1
- GCP NIST 800-53 Rev 5
- GCP PCI-DSS 4.0
Updated 3 months ago