BigQuery connections (Google Cloud)

External read-only connections to data in other services (both inside and outside GCP).

Deletion or alteration of connections can interrupt dependent operations. Reading connection metadata can expose database accounts.

bigquery.connections.use

In order to exploit a connection to read data from a third-party source, all of the following must be true:

  • The attacker must have permission to create a connection of the correct type.
  • The attacker must already have read access to the target data system, or have a mechanism to give the connection read access to the target data system.
  • The attacker can then use this permission to run queries against the connection.

In general, therefore, exfiltration is only possible when the attacker already has access to the target system by other means.

Risks

Scope: LOW

This privilege allows access to data that are not meant to be public, but are otherwise not sensitive.

Links

  • https://cloud.google.com/bigquery/docs/access-control
  • https://cloud.google.com/bigquery/docs/working-with-connections
  • Contributed by P0 Security

© 2023–present P0 Security and contributors to the IAM Privilege Catalog