feat(gcp): grant config-only perms for storage, secrets, bigquery, cloudbuild, batch, workflows, firestore, vertex, scc #48
Merged: tim-thacker-nullify merged 1 commit on May 5, 2026
Conversation
…oudbuild, batch, workflows, firestore, vertex, scc

Closes the gap between what the Nullify cloud scanner enumerates and what the cloud connector module grants. Adds 23 permissions across 9 services to the existing nullifyCloudConnector custom role; no new predefined role bindings.

Every permission is a *.list / *.get / *.getMetadata on configuration resources. Data-plane perms are explicitly excluded:
- storage.objects.* (no object reads)
- secretmanager.versions.access (no secret payloads)
- bigquery.tables.getData (no row reads)
- bigquery.jobs.create (no query execution / billing)
- workflows.executions.* (no execution payloads)
- workflows.stepEntries.* (no step input/output reads)
- datastore.entities.* (no document reads)
- aiplatform.endpoints.predict (no inference)
- securitycenter.findings.* (no finding content)

The predefined viewer roles for Workflows, Firestore (datastore.viewer), Vertex AI, and SCC findings are deliberately not used because each one includes data-plane permissions that violate the connector's config-only contract.

scripts/install.sh CUSTOM_ROLE_PERMISSIONS string is kept in sync. docs/permissions.md is extended with the new permissions and the new "What Nullify cannot do" rows.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
vik-nullify approved these changes on May 5, 2026
Summary

Closes the gap between what the Nullify cloud scanner (context/internal/cloudintegrations/gcp/) actually enumerates and what this connector module grants. Adds 23 permissions across 9 services to the existing nullifyCloudConnector custom role. No new predefined role bindings.

Surfaced while reviewing a customer terraform plan: 9 scanner modules were silently hitting PermissionDenied and producing empty inventory rows. The risk graph in hyperdrive/pkg/graphanalysis was incomplete by exactly this gap.

What's added

Permission                                      Scanner call
storage.buckets.{get,list,getIamPolicy}         Buckets.List + Bucket.IAM.GetPolicy
secretmanager.secrets.{get,list}                Projects.Secrets.List
bigquery.{datasets,tables,routines}.{get,list}  Datasets.List/Get, Tables.List, Routines.List
cloudbuild.buildTriggers.{get,list}             Projects.Triggers.List
batch.jobs.{get,list}                           Projects.Locations.Jobs.List
workflows.workflows.{get,list}                  Projects.Locations.Workflows.List
datastore.databases.{list,getMetadata}          Projects.Databases.List
aiplatform.endpoints.{get,list}                 Projects.Locations.Endpoints.List
securitycenter.sources.{get,list}               Organizations.Sources.List (org-scope only)

Service-config-only contract preserved

Every entry is *.list / *.get / *.getMetadata on configuration resources. Data-plane perms are explicitly excluded:
- storage.objects.* (no object reads)
- secretmanager.versions.access (no secret payloads)
- bigquery.tables.getData (no row reads)
- bigquery.jobs.create (no query execution / billing)
- workflows.executions.* and workflows.stepEntries.* (no execution payloads)
- datastore.entities.* (no document reads)
- aiplatform.endpoints.predict / computeTokens (no inference)
- securitycenter.findings.* and securitycenter.assets.* (no finding contents)

The predefined viewer roles for Workflows (roles/workflows.viewer), Firestore (roles/datastore.viewer), Vertex AI (roles/aiplatform.viewer), and SCC findings (roles/securitycenter.findingsViewer) are deliberately not used because each one grants data-plane permissions that would violate the connector's config-only contract.

Files
- gcp-integration-setup/terraform/modules/nullify-gcp-integration/main.tf — append entries to local.custom_role_permissions; update header comment with new exclusions.
- gcp-integration-setup/scripts/install.sh — sync the comma-separated CUSTOM_ROLE_PERMISSIONS string.
- gcp-integration-setup/docs/permissions.md — add 9 rows to the custom-role table; add 8 rows to the "What Nullify cannot do" table.
- gcp-integration-setup/terraform/README.md — update the "What this provisions" service list.

What's NOT changed
- apis.tf (we don't enable customer-side service APIs; if the customer doesn't use BigQuery/Firestore/etc, the scanner gracefully handles "API not enabled" 403s).

Test plan
- terraform fmt -recursive — clean ✅ (verified locally)
- terraform validate on each example (single-project, organization, folder) ✅ (verified locally)
- bash -n scripts/install.sh ✅ (verified locally)
- main.tf custom_role_permissions matches 52 in install.sh CUSTOM_ROLE_PERMISSIONS ✅
- gcloud iam roles describe nullifyCloudConnector returns the new perms.
- cloudaccountgcp model now populates Buckets, Secrets, BigQueryDatasets, BuildTriggers, BatchJobs, Workflows, FirestoreDatabases, VertexEndpoints (and Sources at org scope).
- result.Errors no longer carries 403s for those 9 services.
- (… POST /admin/integrations/cloud/gcp/validate) — must remain green; verify path doesn't exercise the new perms but should not regress.
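The PR asserts two invariants that are easy to let drift: every granted permission stays config-plane (verb get/list/getMetadata/getIamPolicy and none of the listed data-plane exclusions), and the Terraform local stays in sync with the install.sh string. The check below is an added example, not code from the PR or the Nullify project; MAIN_TF and INSTALL_SH_CSV are constructed stand-ins for the real files, seeded with one drift and one violation so both checks fire.

```python
import re

# Verbs the connector's config-only contract allows as a permission's final segment.
# getIamPolicy is listed because the role grants storage.buckets.getIamPolicy.
CONFIG_VERBS = {"get", "list", "getMetadata", "getIamPolicy"}

# Data-plane permissions the PR description explicitly excludes (prefix match).
DATA_PLANE_PREFIXES = (
    "storage.objects.", "secretmanager.versions.access", "bigquery.tables.getData",
    "bigquery.jobs.create", "workflows.executions.", "workflows.stepEntries.",
    "datastore.entities.", "aiplatform.endpoints.predict",
    "aiplatform.endpoints.computeTokens", "securitycenter.findings.",
    "securitycenter.assets.",
)

# Constructed stand-ins (not the real main.tf / install.sh). install.sh is missing
# one entry and both carry storage.objects.list, which the contract forbids.
MAIN_TF = '''
locals {
  custom_role_permissions = [
    "storage.buckets.get", "storage.buckets.list", "storage.buckets.getIamPolicy",
    "secretmanager.secrets.get", "secretmanager.secrets.list",
    "datastore.databases.list", "datastore.databases.getMetadata",
    "storage.objects.list",
  ]
}
'''
INSTALL_SH_CSV = ("storage.buckets.get,storage.buckets.list,storage.buckets.getIamPolicy,"
                  "secretmanager.secrets.get,secretmanager.secrets.list,"
                  "datastore.databases.list,storage.objects.list")

def perms_from_hcl(text):
    """Collect quoted service.resource.verb strings from a Terraform list literal."""
    return set(re.findall(r'"([a-z]+\.[A-Za-z]+\.[A-Za-z]+)"', text))

def perms_from_csv(text):
    """Split the comma-separated CUSTOM_ROLE_PERMISSIONS string into a set."""
    return {p.strip() for p in text.split(",") if p.strip()}

def contract_violations(perms):
    """Permissions with a non-config verb or matching a data-plane exclusion."""
    return sorted(p for p in perms
                  if p.rsplit(".", 1)[-1] not in CONFIG_VERBS
                  or p.startswith(DATA_PLANE_PREFIXES))

def sync_drift(hcl_perms, csv_perms):
    """(only in main.tf, only in install.sh); two empty lists means in sync."""
    return sorted(hcl_perms - csv_perms), sorted(csv_perms - hcl_perms)

if __name__ == "__main__":
    tf, sh = perms_from_hcl(MAIN_TF), perms_from_csv(INSTALL_SH_CSV)
    print("violations:", contract_violations(tf | sh), "drift:", sync_drift(tf, sh))
```

The prefix list matters as well as the verb check: storage.objects.list has an allowed verb but is still data-plane, so a verb-only lint would pass it.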