We have detected potentially unused GCP service accounts across GCP projects under traveloka.com organization. Due to security reasons, we will audit those service account and disabling it upon being verified unused.
Currently we have 1000+ GCP service accounts, and about 500+ of them are potentially unused. That's about 50% utilisation, and that's not a good figure. For security purpose, we'd like to remove unused GCP service accounts to strengthen our security and governance.
Everybody who uses GCP projects in traveloka.com organization.
All GCP projects will be audited for unused service accounts. List of number of potentially unused service accounts per GCP project is listed in this sheet.
You don't need to do anything. However, if you felt any disruption to your GCP service, especially regarding permission denied due to service account deactivation, please notify data-cde to make remediation action as soon as possible (reactivation of the service account used by the impacted service)
We will carry out this deactivation from today (17 Nov 2021) onwards