Google Cloud BigQuery

Public Dataset Policy

Ensures that BigQuery dataset tables are not publicly accessible.

Risk Level: High

Description

This plugin ensures that the Google Cloud BigQuery dataset tables are not shared publicly. This is achieved by making sure that the images’ access is not given to allAuthenticatedUsers and allUsers. To abide by the security policies, disk images should not be publicly accessible unless necessary.

About the Service

Google Cloud BigQuery:

BigQuery is Google Cloud’s serverless data warehouse that is designed to be highly scalable and helps in ingesting, storing, analyzing, and visualizing data easily. Data can be supplied in batches or streamed in real-time, allowing for real-time insights. Big Query also supports ANSI-compliant SQL. It offers high availability and is extremely cost-effective. To know more, read here.

Impact

If your BigQuery dataset tables are publicly accessible, it makes it vulnerable to attacks as there is a risk of exposing sensitive and confidential data. By making it publicly accessible, you share the datasets with all users even if they are not part of the organization or project. To ensure security, PingSafe strongly recommends sharing the disk images only with required users instead of making them public.

Steps to Reproduce

Using GCP Console-

  1. Log In to your GCP Console.
  2. From the top navigation bar, select the GCP project you want to investigate.
  3. From the navigation panel on the left side of the console, go to BigQuery in the Big Data section. You can use this link here to navigate directly if you’re already logged in.
  4. In the Explorer panel, click on the toggle button to the left of the project name to expand the node and view the data under the particular project.
  5. For the required dataset under the selected project, click on the three-dots icon and then select Open from the drop-down list provided.
  6. In the dataset tab, click on the SHARING button found on the top right corner, and select Permissions from the drop-down list.
  7. In the Filter box available, add a filter setting Role/Principal to allUsers and another setting Role/Principal to allAuthenticatedUsers using the OR operator as shown in the screenshot below.
    If the filter returns any results, then the selected dataset is publicly accessible.
  8. Repeat steps 4 to 7 for all the datasets you want to investigate in the selected project.
  9. If you have multiple projects, repeat steps 2 to 8 for each project in your GCP Console. 

Steps for Remediation

Determine whether or not you truly require the datasets to be publicly accessible. If not, make the necessary changes to enable it using the steps below.


Using GCP Console-

  1. Log In to your GCP Console.
  2. From the top navigation bar, select the GCP project you want to investigate.
  3. From the navigation panel on the left side of the console, go to BigQuery in the Big Data section. You can use this link here to navigate directly if you’re already logged in.

    In the Explorer panel, click on the toggle button to the left of the project name to expand the node and view the data under the particular project.
  4. For the required dataset under the selected project, click on the three-dots icon and then select Open from the drop-down list provided.
  5. In the dataset tab, click on the SHARING button found on the top right corner, and select Permissions from the drop-down list.
  6. In the Filter box available, add a filter setting Role/Principal to allUsers and another setting Role/Principal to allAuthenticatedUsers using the OR operator as shown in the screenshot below.
  7. Click on the delete icon next to the name of the role you wish to delete.
  8. In the confirmation pop-up box, select the member you wish to delete and press REMOVE.
  9. Repeat steps 3 to 8 for all the datasets you want to reconfigure in the selected project.
  10. If you have multiple projects, repeat steps 2 to 9 for each project in your GCP console.