Awesome GCP Security

A curated list of resources related to Google Cloud Platform security.

Tools

• Security Command Center (SCC)
• Organization policy constraints - set of preventive controls to make your GCP environement secure-by-default.
• Terraform Sentinel Policies for GCP
  • Google CLoud Platform IAM Sentinel Policies
• Google Cloud security foundations guide Terraform reporsitory - build a secure-by-default GCP environement using Terraform. Also called Secure Landing Zone.
• Forseti - Open source security configuration scanner and policies monitoring for GCP.
• GCP IAM recommender - identify excessive permission based on actual usage.
• gcploit - for blue (BFS search tools) and red teams.

Resources (documentation, videos, podcasts...)

• Google documentation
  • Google Cloud security best practices center
  • Best practices for securing service accounts
  • GCP GKE - Hardening your cluster's security
• Google Cloud Next 2020 Sessions
• Google Cloud Next 2019 Sessions
• Google Cloud Security Foundation Guide
• Google Security Blog - not only GCP but worth taking a look.
• Cloud Security Podcast by Google
• Google Cloud Platform Podcast - not only security, but a lot of topics are related to security.
• CIS Google Cloud Platform Foundation Benchmark

Individual articles/videos to dig deeper

• The 2 limits of Google Cloud IAM service
• Google OAuth credential: going deeper, the hard way
• Compromise any GCP Org Via Cloud API Lateral Movement and Privilege Escalation: Blackhat/Defcon 2020
• BSidesSF 2020 - The GCP Metadata API (Dylan Ayrey • Allison Donovan)