Lateral Movement and Privilege Escalation in GCP; Compromise any Organization Without Dropping an Implant

Conference: Defcon 28



The presentation discusses the importance of understanding IAM in GCP and the potential risks associated with it. It also highlights the tools and features available to help with IAM management and security.
  • IAM in GCP is resource-centric and can lead to interconnected projects in unexpected ways
  • Understanding IAM is crucial for managing security risks in GCP
  • Tools like IAM Analyzer and IAM Recommender can help with IAM management and security
  • Limitations and constraints of IAM policies and tools should be considered
  • Collaboration with Google can lead to new features and improvements in GCP security
The presenters discuss how they were able to compromise service accounts in a project through the default Editor role granted to the identity running a Spark job. They also highlight the potential dangers of cross-project role bindings and the importance of hardening Kubernetes clusters with Workload Identity. They mention the limitations of the Organization Policy Service and the administrative capabilities required to use auditing tools like IAM Analyzer. They also mention the release of a Terraform Enterprise Sentinel policy set to enforce IAM configurations. Finally, they emphasize the importance of engaging with Google for guidance on IAM management and security in GCP.
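The two binding patterns the presenters call out (a default identity holding Editor, and role bindings that reach across projects) can be checked mechanically from a project's IAM policy. The script below is an added example, not the presenters' tool or Google's IAM Analyzer. It reads a policy in the shape returned by `gcloud projects get-iam-policy PROJECT_ID --format=json`; the project id, the policy, and the list of impersonation-capable roles are constructed assumptions for illustration.

```python
"""Audit a GCP project IAM policy for the binding patterns discussed above.

Added example, not the presenters' tool. It flags three things: default
service accounts holding a primitive role, cross-project service-account
members, and project-level roles that let a principal act as (or mint tokens
for) every service account in the project. SAMPLE_PROJECT and SAMPLE_POLICY
are constructed for illustration.
"""
import re
from collections import Counter

# Predefined roles that carry iam.serviceAccounts.actAs or token-minting
# permissions. Assumed list for this example; add custom roles from your org.
IMPERSONATION_ROLES = {
    "roles/owner",
    "roles/editor",
    "roles/iam.serviceAccountUser",
    "roles/iam.serviceAccountTokenCreator",
}

# Google-managed default identities: Compute Engine and App Engine.
DEFAULT_SA_RE = re.compile(
    r"^(?:\d+-compute@developer|[\w-]+@appspot)\.gserviceaccount\.com$"
)
# User-managed service accounts embed their home project id in the domain.
USER_SA_RE = re.compile(r"^[\w-]+@([\w-]+)\.iam\.gserviceaccount\.com$")

SAMPLE_PROJECT = "data-lake"  # constructed
SAMPLE_POLICY = {  # constructed
    "bindings": [
        {"role": "roles/editor",
         "members": [
             "serviceAccount:123456789012-compute@developer.gserviceaccount.com",
             "user:alice@example.com"]},
        {"role": "roles/iam.serviceAccountUser",
         "members": ["serviceAccount:ci-runner@build-tools.iam.gserviceaccount.com"]},
        {"role": "roles/viewer",
         "members": ["serviceAccount:reader@data-lake.iam.gserviceaccount.com"]},
    ]
}


def member_project(member):
    """Home project of a user-managed service-account member, else None."""
    kind, _, email = member.partition(":")
    if kind != "serviceAccount":
        return None
    m = USER_SA_RE.match(email)
    return m.group(1) if m else None


def audit_policy(project_id, policy):
    """Return (severity, member, role, reason) tuples for risky bindings."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding["role"]
        for member in binding.get("members", []):
            kind, _, email = member.partition(":")
            if role in IMPERSONATION_ROLES:
                findings.append(("HIGH", member, role,
                                 "project-level grant: can act as or mint tokens "
                                 "for every service account in the project"))
            if kind == "serviceAccount" and DEFAULT_SA_RE.match(email) \
                    and role in ("roles/owner", "roles/editor"):
                findings.append(("HIGH", member, role,
                                 "default service account holds a primitive role"))
            home = member_project(member)
            if home and home != project_id:
                findings.append(("MEDIUM", member, role,
                                 f"cross-project binding from project {home}"))
    return findings


def summarize(findings):
    """Count findings by severity, e.g. {'HIGH': 4, 'MEDIUM': 1}."""
    return dict(Counter(f[0] for f in findings))


if __name__ == "__main__":
    results = audit_policy(SAMPLE_PROJECT, SAMPLE_POLICY)
    for sev, member, role, reason in results:
        print(f"[{sev}] {member} has {role}: {reason}")
    print(summarize(results))
```

The cross-project check only recognises user-managed accounts, because their email domain carries the home project id; bindings to default accounts from other projects, or to accounts behind a Google group, need the group and project number resolved first. Run it against every project in the organization, not just one, since the talk's point is that a binding in one project becomes a foothold in another.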


Google Cloud's security model differs from AWS in many ways. Spark jobs, Cloud Functions, Jupyter Notebooks, and more default to having administrative capabilities over cloud APIs. Instead of defaulting to no capabilities, permissions are granted to default identities. One default permission these identities hold is actAs, which by default allows a service to assume the identity of every service account in its project, many of which typically have role bindings into other projects and across an organization's resources. This means that, by default, many APIs and identities can compromise large swaths of an organization by moving laterally, impersonating or gaining access to other identities, all without dropping a single implant on a machine. In this talk we'll demonstrate several techniques for identity compromise via the actAs permission, privilege escalation, lateral movement, and widespread project compromise in Google Cloud, and release tools for exploitation. Next we'll show what detection capabilities are possible in the Google Cloud ecosystem, by showing the Stackdriver logs that correspond with our exploitation techniques and the limitations in what's available. We'll also release tools and queries that can be used for detection, along with insight into how we have attempted to tackle this problem at scale. Lastly we'll go over remediation efforts you can take as a Google Cloud customer, and show how difficult it can be to secure yourself against these attacks. We will release tools that can be used to harden your organization, and walk through user stories and anecdotes of what this process looks like at scale within our organization.
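The detection side of the abstract rests on the Stackdriver (now Cloud Logging) audit records that impersonation leaves behind: every token or signature minted for a service account through the IAM Credentials API is written to that service's Data Access audit log. The script below is an added example, not the presenters' released queries. It filters such entries and alerts on caller/target pairs that are not expected; the log entries, the allowlist and the principal names are constructed for illustration, and the Logging filter string is the query that would return the same events from a real project.

```python
"""Flag service-account impersonation in Cloud Audit Log entries.

Added example, not the presenters' release. It scans Cloud Logging (formerly
Stackdriver) entries for IAM Credentials API calls that mint tokens or
signatures for a service account and alerts on caller/target pairs outside
an allowlist. SAMPLE_ENTRIES and ALLOWED are constructed. Real entries come
from the Data Access audit log for iamcredentials.googleapis.com, which is
off by default and must be enabled before these events are recorded.
"""

# Cloud Logging query that returns the same events this script inspects.
LOGGING_FILTER = (
    'protoPayload.serviceName="iamcredentials.googleapis.com" '
    'AND protoPayload.methodName=~"GenerateAccessToken|GenerateIdToken|SignBlob|SignJwt"'
)

# Short method names of the IAM Credentials calls that yield a usable credential.
IMPERSONATION_METHODS = {"GenerateAccessToken", "GenerateIdToken", "SignBlob", "SignJwt"}

# (caller, target) pairs expected in this environment; constructed allowlist.
ALLOWED = {
    ("ci-runner@build-tools.iam.gserviceaccount.com",
     "deployer@data-lake.iam.gserviceaccount.com"),
}

SAMPLE_ENTRIES = [  # constructed log entries, trimmed to the fields used here
    {"protoPayload": {
        "serviceName": "iamcredentials.googleapis.com",
        "methodName": "google.iam.credentials.v1.IAMCredentials.GenerateAccessToken",
        "authenticationInfo": {"principalEmail": "ci-runner@build-tools.iam.gserviceaccount.com"},
        "resourceName": "projects/-/serviceAccounts/deployer@data-lake.iam.gserviceaccount.com",
        "requestMetadata": {"callerIp": "10.0.0.5"}}},
    {"protoPayload": {
        "serviceName": "iamcredentials.googleapis.com",
        "methodName": "google.iam.credentials.v1.IAMCredentials.GenerateAccessToken",
        "authenticationInfo": {
            "principalEmail": "123456789012-compute@developer.gserviceaccount.com",
            "serviceAccountDelegationInfo": [
                {"firstPartyPrincipal": {"principalEmail": "spark-job@data-lake.iam.gserviceaccount.com"}}]},
        "resourceName": "projects/-/serviceAccounts/billing-admin@finance.iam.gserviceaccount.com",
        "requestMetadata": {"callerIp": "34.0.0.1"}}},
    {"protoPayload": {  # unrelated admin-activity entry, must be ignored
        "serviceName": "cloudresourcemanager.googleapis.com",
        "methodName": "GetIamPolicy",
        "authenticationInfo": {"principalEmail": "alice@example.com"},
        "resourceName": "projects/data-lake"}},
]


def sa_project(email):
    """Project id embedded in a user-managed SA email (or the default-SA subdomain)."""
    domain = email.split("@", 1)[-1]
    return domain.split(".", 1)[0]


def impersonation_events(entries):
    """Normalise IAM Credentials token/signing calls into dicts; skip everything else."""
    events = []
    for entry in entries:
        p = entry.get("protoPayload", {})
        if p.get("serviceName") != "iamcredentials.googleapis.com":
            continue
        method = p.get("methodName", "").rsplit(".", 1)[-1]
        if method not in IMPERSONATION_METHODS:
            continue
        auth = p.get("authenticationInfo", {})
        # Delegation info lists the identities a caller chained through to get here.
        chain = [d.get("firstPartyPrincipal", {}).get("principalEmail", "?")
                 for d in auth.get("serviceAccountDelegationInfo", [])]
        events.append({
            "method": method,
            "caller": auth.get("principalEmail", "?"),
            "delegation_chain": chain,
            "target": p.get("resourceName", "").rsplit("/", 1)[-1],
            "caller_ip": p.get("requestMetadata", {}).get("callerIp", "?"),
        })
    return events


def alerts(entries, allowed=ALLOWED):
    """Events whose (caller, target) pair is not allowlisted, tagged with a cross-project flag."""
    out = []
    for ev in impersonation_events(entries):
        if (ev["caller"], ev["target"]) in allowed:
            continue
        ev["cross_project"] = sa_project(ev["caller"]) != sa_project(ev["target"])
        out.append(ev)
    return out


if __name__ == "__main__":
    for ev in alerts(SAMPLE_ENTRIES):
        print(f"ALERT {ev['method']}: {ev['caller']} -> {ev['target']} "
              f"(via {ev['delegation_chain'] or 'direct'}, ip {ev['caller_ip']}, "
              f"cross-project={ev['cross_project']})")
```

Two caveats the abstract hints at: only the IAM Credentials path is visible here, so access obtained by attaching a service account to a new resource (the actAs route) shows up in that resource's own admin-activity log rather than in these entries, and nothing is logged at all until the Data Access audit log for this service is turned on. The allowlist is deliberately a set of exact pairs; broadening it to whole projects recreates the over-trust the talk describes.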