catalog logoThe IAM Privilege Catalog

risks / Infrastructure discovery

Description

Allows an attacker to inventory infrastructure resources. May allow an attacker to focus attacks on specific resources. When component identifiers contain sensitive information (e.g. tenant identifiers), gives attackers access to this information.

Risk: LOW

This risk may assist in additional attacks, or gain access to confidential data that do not create organizational risk on their own.

Mitigations

  1. Avoid using sensitive component identifiers

Links

  1. https:/​/​attack.mitre.org/​techniques/​T1580/​

Affected Privileges

An attacker may be able to exploit this risk if they gain any of the following privileges:

Google Cloud Platform

apikeys.keys.get
apikeys.keys.list
appengine.applications.get
appengine.instances.get
appengine.instances.list
appengine.operations.get
appengine.operations.list
appengine.services.get
appengine.services.list
appengine.versions.get
appengine.versions.list
bigquery.capacityCommitments.get
bigquery.capacityCommitments.list
bigquery.config.get
bigquery.connections.get
bigquery.connections.list
bigquery.models.getMetadata
bigquery.models.list
bigquery.reservationAssignments.list
bigquery.reservationAssignments.search
bigquery.reservations.get
bigquery.reservations.list
bigquery.routines.get
bigquery.routines.list
bigquery.savedqueries.get
bigquery.savedqueries.list
bigquery.tables.get
bigquery.tables.list
bigquery.transfers.get
billing.accounts.getUsageExportSpec
billing.resourceAssociations copy.list
cloudbuild.builds.get
cloudbuild.builds.list
cloudbuild.connections.get
cloudbuild.connections.list
cloudbuild.repositories.get
cloudbuild.repositories.list
cloudbuild.workerpools.get
cloudbuild.workerpools.list
cloudfunctions.functions.call
cloudfunctions.functions.get
cloudfunctions.functions.invoke
cloudfunctions.functions.list
cloudfunctions.operations.get
cloudfunctions.operations.list
cloudkms.cryptoKeyVersions.get
cloudkms.cryptoKeyVersions.list
cloudkms.cryptoKeys.get
cloudkms.cryptoKeys.list
cloudkms.ekmConfigs.get
cloudkms.ekmConnections.get
cloudkms.ekmConnections.list
cloudkms.importJobs.get
cloudkms.importJobs.list
cloudkms.keyRings.get
cloudkms.keyRings.list
cloudkms.protectedResources.search
cloudsql.backupRuns.get
cloudsql.backupRuns.list
cloudsql.databases.get
cloudsql.databases.list
cloudsql.instances.get
cloudsql.instances.list
compute.autoscalers.get
compute.autoscalers.list
compute.backendBuckets.get
compute.backendBuckets.list
compute.backendServices.get
compute.backendServices.list
compute.commitments.get
compute.commitments.list
compute.disks.get
compute.disks.list
compute.forwardingRules.get
compute.forwardingRules.list
compute.globalForwardingRules.get
compute.globalForwardingRules.list
compute.globalForwardingRules.pscGet
compute.images.getFromFamily
compute.images.list
compute.images.setLabels
compute.instanceGroupManagers.get
compute.instanceGroupManagers.list
compute.instanceGroups.get
compute.instanceGroups.list
compute.instances.listReferrers
container.apiServices.get
container.apiServices.getStatus
container.apiServices.list
container.backendConfigs.get
container.backendConfigs.list
container.clusters.get
container.clusters.getCredentials
container.clusters.list
container.daemonSets.get
container.daemonSets.getStatus
container.daemonSets.list
container.deployments.get
container.deployments.getScale
container.deployments.getStatus
container.deployments.list
container.jobs.get
container.jobs.getStatus
container.jobs.list
container.namespaces.get
container.namespaces.getStatus
container.namespaces.list
container.nodes.get
container.nodes.getStatus
container.nodes.list
container.pods.get
container.pods.getLogs
container.pods.getStatus
container.pods.list
container.replicaSets.get
container.replicaSets.getScale
container.replicaSets.getStatus
container.replicaSets.list
container.secrets.get
container.secrets.list
container.serviceAccounts.get
container.serviceAccounts.list
container.statefulSets.get
container.statefulSets.getScale
container.statefulSets.getStatus
container.statefulSets.list
dataproc.clusters.list
datastore.indexes.list
iam.serviceAccounts.get
iam.serviceAccounts.list
iap.tunnelDestGroups.get
iap.tunnelDestGroups.list
logging.buckets.get
logging.buckets.list
logging.exclusions.get
logging.exclusions.list
logging.links.get
logging.links.list
logging.logMetrics.create
logging.logMetrics.delete
logging.logMetrics.get
logging.logMetrics.list
logging.logMetrics.update
pubsub.schemas.get
pubsub.schemas.list
pubsub.schemas.listRevisions
pubsub.snapshots.get
pubsub.snapshots.list
pubsub.subscriptions.get
pubsub.subscriptions.list
pubsub.topics.get
pubsub.topics.list
recommender.cloudAssetInsights.get
recommender.cloudAssetInsights.list
resourcemanager.projects.get
resourcemanager.projects.list
run.configurations.get
run.configurations.list
run.executions.get
run.executions.list
run.jobs.get
run.jobs.list
run.revisions.get
run.revisions.list
run.routes.get
run.routes.list
run.services.get
run.services.list
run.tasks.get
run.tasks.list
secretmanager.secrets.get
secretmanager.secrets.list
secretmanager.versions.get
secretmanager.versions.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
storage.hmacKeys.get
storage.hmacKeys.list

© 2023–present P0 Security and contributors to the IAM Privilege Catalog