Cloud Run Principle of Least Privilege

There are two security settings for Cloud Run services: what can trigger the service and what the service can do when it runs. Developers often forget about the latter, which can lead to lost data and cost overruns. Follow along as JK Gunnink shows Martin Omander how to tighten security by applying the Principle of Least Privilege to a Cloud Run service. Chapters: 0:00 - Intro 0:52 - The two security settings in Cloud Run 3:08 - How to apply the principle 4:18 - Creating a service account 5:14 - Creating a new role 6:38 - Granting the role to the service account 7:12 - Naming 7:56 - Creating roles and service account at scale 8:52 - Wrap up Resources: Cloud Run access control → https://goo.gle/3UrDOA8 Naming section of the Enterprise foundations blueprint → https://goo.gle/3UU4WcC Cloud Run Terraform module: → https://goo.gle/4bfSsl9 Watch more episodes of Serverless Expeditions → https://goo.gle/ServerlessExpeditions Subscribe to Google Cloud Tech → https://goo.gle/GoogleCloudTech #ServerlessExpeditions