services / Google Cloud / BigQuery connections
External read-only connections to data in other services (both inside and outside GCP).
Deletion or alteration of connections can interrupt dependent operations. Reading connection metadata can expose database accounts.
bigquery.connections.get
Exposes SQL connection metadata. Per Google documentation, SQL credentials are omitted.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog