Compute instance using the default service account







June 29, 2023

EXPLOITABILITY Exploitability of a vulnerability measures how easy it is for an attacker to discover and exploit the vulnerability, some might refer to this as likelihood.

IMPACT How impactful to your environment and organization a successful exploitation of this vulnerability is expected to be.




By default, Compute Engine assigns new instances to a default service account that has wide permissions on the current project.

Understanding Impact

Business Impact

Compute instances using the default service account typically grants applications unnecessary permissions and may allow attackers to access sensitive data.

Technical Impact

The Compute Engine default service account has "Editor" rights on the current project. By default, compute instances can only use a subset of these permissions, defined by the access scope This default allows to read data from all GCS buckets, BigQuery datasets and Container Registry images.

If the access scope associated with the instance is, the instance and any application that runs on it has effective project editor rights.

These credentials can be retrieved from the instance metadata service:

PROJECT_ID=$(curl -s -H "Metadata-Flavor: Google"
curl \
  -H "Metadata-Flavor: Google" \$

The resulting access token can then be used from another machine, directly in Google Cloud API requests, or imported for use with the gcloud CLI:

gcloud config set project PROJECT_NAME
gcloud storage buckets list --access-token-file=./access-token

# Alternatively, you can instruct the gcloud CLI to use the access token using an environment variable
export CLOUDSDK_AUTH_ACCESS_TOKEN=$(cat access-token)

Identify affected resources

Use the following gcloud CLI command to identify compute instances using the default service account:

gcloud compute instances list \

You can use the following command to restrict your search to compute instances that use the default service account and have full project editor permissions because they don't restrict the scope:

gcloud compute instances list --filter="'' 
  AND serviceAccounts.scopes=('')

Remediate vulnerable resources

Assign a non-default service account to the compute instance. If the instance needs to access other Google Cloud services, use the least privilege principle to assign the minimum required permissions to the service account. Refer to the Authenticate workloads using service accounts for more information.

As an additional layer of security, you can enable the Organization policy constraint constraints/iam.automaticIamGrantsForDefaultServiceAccounts to prevent the default compute service accounts from being assigned privileged permissions automatically.

How Datadog can help

Cloud Security Management

Datadog Cloud Security Management detects this vulnerability using the following out-of-the-box rules:


The Google Cloud Compute Engine default service account

gcp documentation

Default service accounts access scopes

gcp documentation

HackerOne #530974

PortSwigger: Google pays hacker duo $22k in bug bounties for flaws in multiple cloud projects