1. Home
  2. Mapping Frameworks
  3. GCP Home
  4. Access Transparency

GCP access_transparency Mappings

Access Transparency logs record the actions that Google personnel take when accessing customer content. Access Transparency log entries include details such as the affected resource and action, the time of the action, the reason for the action, and information about the accessor.

Mappings

Capability ID Capability Description Category Value ATT&CK ID ATT&CK Name Notes
access_transparency Access Transparency detect minimal T1199 Trusted Relationship
Comments
This control may expose and detect malicious access of customer data and resources by compromised Google personnel accounts. The trusted relationship between Google personnel who administer and allow customers to host their workloads on the cloud may be abused by insider threats or compromise of Google.
References
  1. https://cloud.google.com/cloud-provider-access-management/access-transparency/docs/overview
access_transparency Access Transparency detect minimal T1530 Data from Cloud Storage Object
Comments
This control may expose and detect malicious access of data from cloud storage by compromised Google personnel accounts.
References
  1. https://cloud.google.com/cloud-provider-access-management/access-transparency/docs/overview