auditing-gcp-iam-permissions

Featured

Auditing Google Cloud Platform IAM permissions to identify overly permissive bindings, primitive role usage, service account key proliferation, and cross-project access risks using gcloud CLI, Policy Analyzer, and IAM Recommender.

Category: AI & Automation | 12,642 stars | 1468 forks | Updated today | License: Apache-2.0


Quality Score: 99/100

| Component | Weight | Score |
|---|---|---|
| Stars | 20% | 100 |
| Recency | 20% | 100 |
| Frontmatter | 20% | 70 |
| Documentation | 15% | 100 |
| Issue Health | 10% | 50 |
| License | 10% | 100 |
| Description | 5% | 100 |

Skill Content

# Auditing GCP IAM Permissions

## When to Use

- When performing security assessments of GCP organization or project IAM configurations
- When identifying service accounts with excessive permissions or unused access
- When compliance requirements mandate review of access controls and role assignments
- When investigating potential lateral movement through IAM misconfigurations
- When reducing the blast radius of compromised credentials by scoping down permissions

**Do not use** for VPC firewall rule auditing (use network security tools), for GKE RBAC auditing (use Kubernetes-specific RBAC tools), or for real-time threat detection on IAM actions (use SCC Event Threat Detection).

## Prerequisites

- GCP organization or project with `roles/iam.securityReviewer` and `roles/cloudAsset.viewer`
- gcloud CLI authenticated with appropriate permissions
- Cloud Asset API enabled (`gcloud services enable cloudasset.googleapis.com`)
- IAM Recommender API enabled (`gcloud services enable recommender.googleapis.com`)
- Policy Analyzer API enabled (`gcloud services enable policyanalyzer.googleapis.com`)

## Workflow

### Step 1: Enumerate IAM Bindings Across the Organization

List all IAM bindings at organization, folder, and project levels to understand the full access landscape.

```bash
# Organization-level IAM bindings
gcloud organizations get-iam-policy ORG_ID \
  --format=json > org-iam-policy.json

# Search all IAM policies across the organization
gcloud asset search-all-iam-polici...
```

Details

- Author: mukul975
- Repository: mukul975/Anthropic-Cybersecurity-Skills
- Created: 3 months ago
- Last Updated: today
- Language: Python
- License: Apache-2.0
