Giters

jonrau1 / ElectricEye

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

[PFR] Google Workspaces and Google Cloud

jonrau1 opened this issue · comments

commented

Story

As the maintainer of ElectricEye I want to update the GCP Auditors and CloudUtils so that I can expand coverage of GCP services and use different authentication mechanisms for improving my overall security posture. Additionally I want to include Google Workspaces as a new SSPM assessment target so that I can ensure proper configurations and monitor weaknesses in my Workspaces Directory.

Definition of Done

  • IF FEASIBLE change the Service Account Client creation process to not rely on a locally written file, or, at the very least delete it when you're done.
  • Add new GCP Auditors to cover BigQuery, Cloud Functions, and anything else in #108 that is feasible
  • Add new Google Workspaces Auditor
    • Update documentation section
    • Expand CloudUtils and EEAuditor for assessments
    • Directory API in scope: Users, Mobile Devices
    • Reports API in scope: Alert Center

Nice to Have

Research Workload Identity Federation for GCP

commented

This duplicates #108