Statements (35)
Predicate | Object |
---|---|
gptkbp:instanceOf |
Cloud Security Concept
|
gptkbp:attachedTo |
gptkb:Cloud_Functions
gptkb:EC2_Instances Service Accounts ECS Tasks Lambda Functions |
gptkbp:auditedBy |
gptkb:CloudTrail
|
gptkbp:bestPractice |
Use least privilege
|
gptkbp:canBeAssumedBy |
Services
Applications Users |
gptkbp:canBeTemporary |
No
Yes |
gptkbp:createdBy |
gptkb:Cloud_Administrators
|
gptkbp:defines |
Set of permissions
|
gptkbp:enables |
Temporary access
|
gptkbp:example |
AWS S3 Access Role
Azure Contributor Role GCP Compute Engine Service Account Role |
https://www.w3.org/2000/01/rdf-schema#label |
IAM Roles
|
gptkbp:managedBy |
IAM Policies
|
gptkbp:purpose |
Grant permissions to entities
|
gptkbp:relatedTo |
IAM Groups
IAM Policies IAM Users |
gptkbp:repealedBy |
gptkb:Cloud_Administrators
|
gptkbp:supports |
Multi-factor authentication
Service accounts Cross-account access Federated users |
gptkbp:usedIn |
gptkb:Google_Cloud_Platform
gptkb:Amazon_Web_Services gptkb:Microsoft_Azure |
gptkbp:bfsParent |
gptkb:AWS_Glue_Jobs
|
gptkbp:bfsLayer |
6
|