services / Google Cloud / BigQuery jobs
BigQuery models allow users to build machine-learning pipelines within BigQuery.
Marked as HIGH (vs. CRITICAL), as the scope of data accessible via models is generally likely to be more limited than direct query access. This may underestimate scope in the event that an organization's primary function depends on machine learning implemented within BigQuery models.
bigquery.models.create
From Google: "Create new models.". Requires read access to any source data.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog