Oct Recap: New and Newly Deniable GCP Privileged Permissions


As October 2025 wraps up, Sonrai’s latest analysis of Google Cloud Platform permissions reveals both newly introduced privileged actions and those that have become newly enforceable through the V2 API, meaning organizations can now explicitly deny their use. This month’s updates span Discovery Engine, Cloud Integrations, and Backup and Disaster Recovery, reflecting how GCP continues to expand both its automation and data management capabilities.

From permissions that enable identity remapping and IAM policy manipulation to those that alter authentication configurations, certificates, and backup protections, these updates highlight how small configuration shifts can have major security implications. Collectively, they underscore the importance of monitoring emerging privileges and taking advantage of new deny policy capabilities to prevent privilege escalation, persistence, and data loss before they occur.

Existing Services with New Privileged Permissions (or new to V2)

Discovery Engine

Service Type: Data and Analytics

Permission: discoveryengine.googleapis.com/notebooks.setIamPolicy

  • Action: Grants permission to set or modify IAM policies on Discovery Engine notebooks
  • Mitre Tactic: Privilege Escalation
  • Why it’s privileged: Allows assigning NotebookLM access to attacker-controlled accounts or roles, enabling privilege escalation.

Permission: discoveryengine.googleapis.com/identityMappingStores.importIdentityMappings

  • Action: Imports a list of Identity Mapping Entries to an Identity Mapping Store
  • Mitre Tactic: Privilege Escalation
  • Why it’s privileged: Mapping Stores contain mappings of external identities to GCP users/groups, enabling fine-grained access controls on custom VertexAI data sources. By remapping external identities to different GCP users/groups, attacker-controlled external identities could be granted access to any data governed by those mappings.

Permission: discoveryengine.googleapis.com/dataConnectors.executeAction

  • Action: Executes a third-party action using the DataConnector
  • Mitre Tactic: Execution
  • Why it’s privileged: Lets a caller trigger external integrations or action invocations (including FHIR/health workflows), which can run code, move or expose sensitive data, or cause changes in connected systems.

Cloud Integrations

Service Type: Process Automation and Integration

Permission: integrations.googleapis.com/templates.share

  • Action: Shares templates across projects or organizations
  • Mitre Tactic: Lateral Movement
  • Why it’s privileged: Allows exposure of templates containing logic that can access or invoke sensitive systems, enabling misuse for data access or destructive actions.

Permission: integrations.googleapis.com/templates.update

  • Action: Grants permission to update integration templates
  • Mitre Tactic: Execution
  • Why it’s privileged: Allows modification of templates that can execute code or access sensitive services, enabling unauthorized actions or data exposure the next time the template is used.

Permission: integrations.googleapis.com/authConfigs.delete

  • Action: Grants permission to delete authentication configurations
  • Mitre Tactic: Impact
  • Why it’s privileged: Allows removal of auth configs, potentially disabling integrations or breaking secure connections.

Permission: integrations.googleapis.com/certificates.update

  • Action: Grants permission to update integration certificates
  • Mitre Tactic: Persistence
  • Why it’s privileged: Enables replacement of trusted certificates, allowing an attacker to maintain long-term access or intercept secure connections.

Permission: integrations.googleapis.com/certificates.create

  • Action: Grants permission to create or upload integration certificates used by integrations
  • Mitre Tactic: Persistence
  • Why it’s privileged: Lets an actor add trusted TLS identities or certs, enabling long-lived authenticated connections or impersonation of services for persistent access.

Permission: integrations.googleapis.com/securityIntegrationVers.update

  • Action: Grants permission to update security integration versions
  • Mitre Tactic: Defense Evasion
  • Why it’s privileged: Allows modification of security integrations, potentially disabling or altering defenses to evade detection.

Permission: integrations.googleapis.com/authConfigs.create

  • Action: Grants permission to create authentication configuration records with encrypted credentials
  • Mitre Tactic: Persistence
  • Why it’s privileged: Allows creation of new auth configs with valid credentials, enabling attackers to establish persistent authenticated access.

Permission: integrations.googleapis.com/authConfigs.update

  • Action: Grants permission to update existing authentication configurations
  • Mitre Tactic: Persistence
  • Why it’s privileged: Allows modification of stored credentials or tokens, enabling sustained unauthorized access.

Backup and Disaster Recovery

Service Type: Archival, Backup and Recovery

Permission: backupdr.googleapis.com/managementServers.setIamPolicy

  • Action: Grants permission to set or modify IAM policies on Backup and DR management servers
  • Mitre Tactic: Privilege Escalation
  • Why it’s privileged: Enables granting admin or management access to attacker-controlled principals, allowing escalation of privileges required to enumerate assured workloads or delete backup & data recovery monitoring infrastructure.

Permission: backupdr.googleapis.com/bvbackups.update

  • Action: Grants permission to modify backup records or configurations for BV backups
  • Mitre Tactic: Impact
  • Why it’s privileged: Allows altering backup contents, retention, destinations, or encryption settings — enabling data tampering, destruction, or unauthorized restore access.

Permission: backupdr.googleapis.com/backupVaults.update

  • Action: Grants permission to modify configuration settings for a Backup Vault
  • Mitre Tactic: Impact
  • Why it’s privileged: Enables altering vault policies, encryption, or retention settings, which can lead to data loss, tampering, or disruption of backup integrity.

Permission: backupdr.googleapis.com/backupPlanAssociations.updateForComputeInstance

  • Action: Grants permission to update backup plan associations for Compute Engine instances
  • Mitre Tactic: Impact
  • Why it’s privileged: Allows modifying which instances are protected or excluded from backups, enabling attackers to remove coverage and prevent recovery after compromise.

Permission: backupdr.googleapis.com/backupPlanAssociations.deleteForComputeInstance

  • Action: Grants permission to delete backup plan associations for Compute Engine instances
  • Mitre Tactic: Impact
  • Why it’s privileged: Allows removal of backup protections from instances, exposing them to irreversible data loss or preventing recovery after an attack.
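The permission names above are already in the `service.googleapis.com/resource.verb` form that IAM deny policies (the V2 API mentioned in the introduction) expect. As an added example that is not part of this post or Sonrai's tooling, the following Python builds a deny policy covering this month's permissions, grouped by the tactic the post assigns, and reports which of them an existing deny policy still leaves allowed; the break-glass group and project ID are placeholders.

```python
import json
import re
# Permissions listed in this post, keyed by the MITRE tactic the post assigns to each.
NEW_PRIVILEGED = {
    "Privilege Escalation": [
        "discoveryengine.googleapis.com/notebooks.setIamPolicy",
        "discoveryengine.googleapis.com/identityMappingStores.importIdentityMappings",
        "backupdr.googleapis.com/managementServers.setIamPolicy"],
    "Execution": ["discoveryengine.googleapis.com/dataConnectors.executeAction",
                  "integrations.googleapis.com/templates.update"],
    "Lateral Movement": ["integrations.googleapis.com/templates.share"],
    "Defense Evasion": ["integrations.googleapis.com/securityIntegrationVers.update"],
    "Persistence": [
        "integrations.googleapis.com/certificates.create",
        "integrations.googleapis.com/certificates.update",
        "integrations.googleapis.com/authConfigs.create",
        "integrations.googleapis.com/authConfigs.update"],
    "Impact": [
        "integrations.googleapis.com/authConfigs.delete",
        "backupdr.googleapis.com/bvbackups.update",
        "backupdr.googleapis.com/backupVaults.update",
        "backupdr.googleapis.com/backupPlanAssociations.updateForComputeInstance",
        "backupdr.googleapis.com/backupPlanAssociations.deleteForComputeInstance"],
}
# Deny policies require the "service.googleapis.com/resource.verb" form used above;
# a bare v1 name such as "backupdr.backupVaults.update" is rejected by the API.
_DENY_FORM = re.compile(r"^[a-z][a-z0-9-]*\.googleapis\.com/[A-Za-z0-9]+\.[A-Za-z0-9]+$")
# Constructed break-glass group (assumption); replace with the real admin group.
BREAK_GLASS = "principalSet://goog/group/backup-admins@example.com"

def build_deny_policy(tactics, exceptions=(BREAK_GLASS,), catalog=NEW_PRIVILEGED):
    """One deny rule per tactic, denying every principal except the break-glass group."""
    rules = []
    for tactic in tactics:
        perms = catalog[tactic]
        bad = [p for p in perms if not _DENY_FORM.match(p)]
        if bad:
            raise ValueError(f"not in deny-policy form: {bad}")
        rules.append({"description": f"Block Oct 2025 {tactic} permissions",
                      "denyRule": {"deniedPrincipals": ["principalSet://goog/public:all"],
                                   "exceptionPrincipals": list(exceptions),
                                   "deniedPermissions": perms}})
    return {"rules": rules}

def uncovered(policy, catalog=NEW_PRIVILEGED):
    """Permissions from this post that an existing deny policy does not block yet."""
    denied = {p for r in policy.get("rules", [])
              for p in r.get("denyRule", {}).get("deniedPermissions", [])}
    return sorted(p for perms in catalog.values() for p in perms if p not in denied)
```

Write `json.dumps(build_deny_policy([...]), indent=2)` to a file such as `deny-oct2025.json` and attach it with `gcloud iam policies create deny-oct2025 --kind=denypolicies --policy-file=deny-oct2025.json --attachment-point=cloudresourcemanager.googleapis.com/projects/PROJECT_ID`. Feeding a policy fetched with `gcloud iam policies get` into `uncovered()` shows which of this month's permissions still need a rule.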

Conclusion

As GCP continues to evolve its services and expand the capabilities of its APIs, the scope and impact of privileged permissions grow alongside it. The addition of new permissions and the introduction of V2 support both increase control and introduce new complexity for security teams. Permissions that grant control over IAM policies, authentication, and backup configurations can quickly shift the balance between operational efficiency and exposure.

Sonrai Security’s Cloud Permissions Firewall helps organizations stay ahead of this change by continuously identifying new and newly controllable privileges, mapping them to MITRE ATT&CK tactics, and enforcing least privilege across multi-cloud environments. As GCP broadens its privilege model, visibility and control remain essential to preventing escalation, persistence, and data compromise.
