Giters

ScaleSec / gcp_sa_lister

Crawls your GCP Org and returns service accounts that have not been used in the past 90 days.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

GCP Unused Service Account Lister

Crawls your GCP Organization and returns service accounts that have not been used in the past 90 days based on GCP Recommender Service Account Insight findings.

Requirements

  • python 3.x
  • GCP Recommender API (enabled in your project)
    • To enable: gcloud services enable recommender.googleapis.com

Installation

# Clone the repo locally
git clone git@github.com:ScaleSec/gcp_sa_lister.git

# Configure virtual environment
python3 -m venv ./venv/
source ./venv/bin/activate

# Install packages
pip3 install -r requirements.txt

Execution

python3 saUnused.py

Results

The results will be in JSON format and include the service account email and project number.

Disclaimer

You need to have the Recommender service (API) enabled across your projects with insights preexisting. For directions on enabling the API visit the documentation.

About

Crawls your GCP Org and returns service accounts that have not been used in the past 90 days.

License:Apache License 2.0

Languages

Language:Python 100.0%