Suspected 0day
Ensure that IAM roles with administrative permissions are not assigned to IAM identities (users, groups, and service accounts) managing Cloud NAT resources. This helps enforce the Principle of Least Privilege (POLP) by granting members (principals) only the minimum access necessary to complete their tasks.
id: gcloud-iam-least-privilege-nat
info:
  name: Least Privilege Access for Cloud NAT Management
...
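
One way to run the check described above offline, as an added example that is not part of the template on this page: it reads a project IAM policy in the JSON shape printed by `gcloud projects get-iam-policy PROJECT --format=json` and reports Cloud NAT principals that also hold an administrative role. The set of roles treated as administrative, the sample policy, the principal list and the function name `audit_nat_principals` are all assumptions.

```python
import json

# Assumption: which roles count as "administrative". The page does not list them;
# these are the GCP basic roles plus the broad Compute Engine admin role.
ADMIN_ROLES = frozenset({"roles/owner", "roles/editor", "roles/compute.admin"})

# Constructed sample, shaped like `gcloud projects get-iam-policy PROJECT --format=json`.
SAMPLE_POLICY = json.loads("""
{
  "bindings": [
    {"role": "roles/owner", "members": ["user:alice@example.com"]},
    {"role": "roles/editor",
     "members": ["serviceAccount:nat-deployer@example-proj.iam.gserviceaccount.com",
                 "user:bob@example.com"]},
    {"role": "roles/compute.admin", "members": ["group:netops@example.com"],
     "condition": {"title": "expires-2030",
                   "expression": "request.time < timestamp('2030-01-01T00:00:00Z')"}},
    {"role": "projects/example-proj/roles/natOperator",
     "members": ["group:netops@example.com", "user:carol@example.com"]}
  ],
  "version": 3
}
""")


def audit_nat_principals(policy, nat_principals, admin_roles=ADMIN_ROLES):
    """Return sorted (principal, role, condition_title) for each NAT-managing
    principal that also holds an administrative role in the policy."""
    wanted = {p.lower() for p in nat_principals}
    findings = set()
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        if role not in admin_roles:
            continue
        # Conditional bindings are still reported; the condition title is kept
        # so a reviewer can judge whether the grant is time- or resource-scoped.
        title = binding.get("condition", {}).get("title", "")
        for member in binding.get("members", []):
            if member.lower() in wanted:
                findings.add((member, role, title))
    return sorted(findings)


if __name__ == "__main__":
    # Hypothetical list of identities that manage Cloud NAT in this project.
    nat_team = ["group:netops@example.com", "user:carol@example.com",
                "serviceAccount:nat-deployer@example-proj.iam.gserviceaccount.com"]
    for principal, role, cond in audit_nat_principals(SAMPLE_POLICY, nat_team):
        print(f"FAIL {principal} holds {role}" + (f" (condition: {cond})" if cond else ""))
```

Group membership is not expanded and bindings inherited from a folder or organization are not in a project-level policy, so a principal that gets an administrative role through either path is only caught if that group or parent policy is audited as well.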