there is a way to deny access to cloud identity super admin to console.cloud.google.com?
In alternative there is a way to set an alert when the login to cosole?
Thx
Hi @antfrasparkle
Welcome to Google Cloud Community!
If I understand your question correctly, you're asking if there is a way to deny access to a Cloud Identity super admin from Google Cloud Console.
Unfortunately there is no way to deny access to a Cloud Identity super admin because by design a super admin account has the highest level of permission.
But there are ways to minimize the risks associated with a super admin account having full access:
For more information on best practices for Cloud Identity super admin accounts, you can refer to this Google Cloud documentation.
I hope this information is helpful.
If you need further assistance, you can always file a case with our support team.
Thx a lot LeAnt
for our sec department it would be ok even send an alert from log explorer when super admin log into cloud console. But when i see the entry into audit log, it refer to cloud console only or it refer to login into admin console also?