Google Cloud Keys
Description
General
- Documentation: https://cloud.google.com/iam/docs/
- Summary: Google Cloud Platform (GCP) is a suite of cloud computing services provided by Google, offering infrastructure, analytics, AI, and application deployment tools for developers and enterprises worldwide. This detector focuses on detecting Google cloud service account keys. These keys allow a server to make authenticated API calls to the Google Cloud Platform. With appropriate scopes full control of the concerned Google Cloud infrastructure can be obtained.
Revoke the secret
A secret can be revoked via the API or from the GCP console. See the documentation for more details.
Details for Base64 Google Cloud Keys
-
Family: credentials
-
Category: cloud_provider
-
High recall: False
-
Validity check available: True
-
Analyzer available: True
-
Revoker available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Occurrences found for one million commits: 0.2
-
Prefixed: False
Details for Google Cloud Keys
-
Family: credentials
-
Category: cloud_provider
-
Company: Google
-
High recall: False
-
Validity check available: True
-
Analyzer available: True
-
Revoker available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Occurrences found for one million commits: 109.67
-
Prefixed: False
Secret Analyzer
Analysis Method
- Provider allows scopes enumeration: False
- Total network call count: 6
- Total call count may vary: False
HTTP Calls
Requests are designed to capture metadata and not to function effectively.
- GET: /v1/projects/*/serviceAccounts/*/keys
- GET: /v3/projects/*
- POST: /token
- POST: /v1/projects/*/serviceAccounts/*:testIamPermissions
- POST: /v1/projects/*:testIamPermissions
- POST: /v3/projects/*:getIamPolicy
Other Calls
Non-HTTP queries or HTTP calls made through a third-party app (e.g., Python package). No other calls for this analyzer.
