<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>GCP on Mohammed Fayasuddin</title><link>https://fayasuddin.blog/tags/gcp/</link><description>Recent content in GCP on Mohammed Fayasuddin</description><generator>Hugo -- 0.151.0</generator><language>en-us</language><lastBuildDate>Sun, 05 Oct 2025 20:29:21 +0530</lastBuildDate><atom:link href="https://fayasuddin.blog/tags/gcp/index.xml" rel="self" type="application/rss+xml"/><item><title>Stop Overpowered Service Accounts: How to Apply Least Privilege in Google Cloud the Right Way</title><link>https://fayasuddin.blog/posts/lock_down_gcp_service_accounts_with_least_privilege/</link><pubDate>Sun, 05 Oct 2025 20:29:21 +0530</pubDate><guid>https://fayasuddin.blog/posts/lock_down_gcp_service_accounts_with_least_privilege/</guid><description>&lt;h1&gt;&lt;/h1&gt;
&lt;h2 id="introduction-overprivileged-accounts-are-a-hidden-risk"&gt;Introduction: Overprivileged Accounts Are a Hidden Risk&lt;/h2&gt;
&lt;p&gt;In Google Cloud, service accounts are the backbone of automation, enabling applications and scripts to interact securely with cloud resources. But when a service account has &lt;strong&gt;more privileges than necessary&lt;/strong&gt;, it becomes a ticking time bomb a single compromised account can lead to data leaks, resource misuse, or lateral movement across your cloud environment.&lt;/p&gt;
&lt;p&gt;This post dives into &lt;strong&gt;how to enforce the Principle of Least Privilege (PoLP) for Google Cloud service accounts&lt;/strong&gt;, with actionable examples and best practices that even experienced cloud architects will find indispensable.&lt;/p&gt;</description></item><item><title>Cloud Security Posture Management (CSPM): Why Your Cloud Is Probably More Exposed Than You Think</title><link>https://fayasuddin.blog/posts/cloud_security_posture_management_cspm/</link><pubDate>Sun, 13 Jul 2025 10:00:00 +0530</pubDate><guid>https://fayasuddin.blog/posts/cloud_security_posture_management_cspm/</guid><description>&lt;p&gt;I&amp;rsquo;ve lost count of how many times I&amp;rsquo;ve heard someone say &amp;ldquo;our cloud is secure&amp;rdquo; right before finding a bucket wide open to the internet.&lt;/p&gt;
&lt;p&gt;Here&amp;rsquo;s the thing - most people aren&amp;rsquo;t lying when they say that. They genuinely believe their environment is locked down. And then you run a quick scan and find 50 misconfigurations you never knew existed.&lt;/p&gt;
&lt;img src="https://images.unsplash.com/photo-1558494949-ef010cbdcc31?w=960" alt="Cloud Infrastructure"&gt;
&lt;p&gt;That&amp;rsquo;s the cloud security problem in a nutshell. You don&amp;rsquo;t know what you don&amp;rsquo;t know.&lt;/p&gt;</description></item></channel></rss>