Get IAM policy for project¶
A user can request to see what members are associated with a project and what roles they have, to identify entities that they might wish to gain access to or backdoor.
|project_id||str||ID of the project to list entities from||phrasal-crowbar-284615|
gcloud iam service-accounts list
When logs are ingested into ELK, the following Lucene query can be used to identify relevant events.
eventName:ListUsers AND eventSource:*.iam.amazonaws.com