疑似Oday
Ensure that your Google Compute Engine instances are not configured to use the default Google Cloud service account in order to implement the principle of least privilege (POLP) and secure the access to your cloud resources. The default Compute Engine service account, named <project-number>-compute@developer.gserviceaccount.com, is associated with the Editor role at the project level, which allows read and write access to most Google Cloud Platform (GCP) services.
id: gcloud-vm-default-service-account
info:
name: VM Instance Using Default Service Account
aut
...