Skip to content

GCP Assessement

Automated

CLI

# Get current logged in account
gcloud config get-value account

# List roles and bindings — project level
gcloud projects get-iam-policy <project>

# Get role for compute instance
gcloud projects get-iam-policy <compute_instance_name>

# Describe Role in terms of granular permissions
gcloud iam roles describe <role> --project <project> 

# Scoutesuite
python3 scout.py gcp --user-account | tee <client>.scoutsuite

Priv Esc Learning Resources

Hardening Resources

GCP Best practices | GitLab