This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

How to restrict/identify/notify sensitive data stored in project metadata of Compute Engine Settings

Posted on 08-23-2023 12:17 AM
gaurav_gupta
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi Team,

As we know that we can store any kind of data in PROJECT METADATA(under Compute Engine -- Settings - Metadata) How do we ensure that no sensitive data is stored in project metadata? and even if sensitive data are stored in project metadata, How can we get notified?

Project metadata which are stored in plain-format is accessible to any user or service account with the necessary permissions. If unauthorised individuals gain access to the project or its metadata, they can retrieve the sensitive information, potentially leading to unauthorised access or misuse.

Potential Sensitive metadata can be: GCP SA keys, Certification, Application Password, API keys, ssh private key, Database/VM password etc.

for examplefor example

1 1 249
Topic Labels
1 REPLY 1
Top Labels in this Space
Top Solution Authors
View all