| Plugin Title | Service Account Separation |
| Cloud | |
| Category | IAM |
| Description | Ensures that no users have both the Service Account User and Service Account Admin role. |
| More Info | Ensuring that no users have both roles follows separation of duties, where no user should have access to resources out of the scope of duty. |
| GOOGLE Link | https://cloud.google.com/iam/docs/overview |
| Recommended Action | Ensure that no service accounts have both the Service Account User and Service Account Admin role attached. |