
Backdoor a GCP Service Account through its IAM Policy


Platform: GCP


  • Persistence


Backdoors a GCP service account by granting a fictitious attacker the ability to impersonate it and generate temporary access tokens for it.


  • Create a service account


  • Backdoor the IAM policy of the service account to grant the role iam.serviceAccountTokenCreator to a fictitious attacker

Note that in GCP (contrary to AWS), the "IAM policy" of a service account does not grant permissions to the service account itself; rather, it is a resource-based policy that grants other identities permission to impersonate the service account.


Since the target e-mail must exist for this attack simulation to work, Stratus Red Team grants the role to by default. This is a real Google account, owned by the Stratus Red Team maintainers and not used for any purpose other than this attack simulation. You can override this behavior by setting the environment variable STRATUS_RED_TEAM_ATTACKER_EMAIL, for instance:

STRATUS_RED_TEAM_ATTACKER_EMAIL=<attacker-email> stratus detonate gcp.persistence.backdoor-service-account-policy


Detonate with Stratus Red Team
stratus detonate gcp.persistence.backdoor-service-account-policy


You can detect when the IAM policy of a service account is updated using the GCP Admin Audit Logs event google.iam.admin.v1.SetIAMPolicy (sample below, shortened for clarity).

{
  "protoPayload": {
    "serviceName": "",
    "methodName": "google.iam.admin.v1.SetIAMPolicy",
    "resourceName": "projects/-/serviceAccounts/123456789",
    "serviceData": {
      "@type": "",
      "policyDelta": {
        "bindingDeltas": [
          {
            "action": "ADD",
            "role": "roles/iam.serviceAccountTokenCreator",
            "member": ""
          }
        ]
      }
    }
  },
  "resource": {
    "type": "service_account",
    "labels": {
      "email_id": "",
      "project_id": "victim-project"
    }
  },
  "logName": "projects/victim-project/logs/"
}
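The detection logic a practitioner would run over such events, as an added example that is not part of Stratus Red Team or this page: it parses a SetIAMPolicy entry on a service_account resource, keeps only ADD deltas for roles that allow obtaining the service account's credentials, and surfaces members outside a set of trusted domains. The sample event below is constructed (the e-mails, project and service account are placeholders), and the two roles listed alongside serviceAccountTokenCreator (key admin and actAs) are an assumption that goes beyond the single role the page names.

```python
import json

# Roles whose grant on a service account lets the member obtain credentials for it.
# The page discusses roles/iam.serviceAccountTokenCreator; the other two are an
# assumption added in this example (key creation and actAs are impersonation paths too).
IMPERSONATION_ROLES = {
    "roles/iam.serviceAccountTokenCreator",
    "roles/iam.serviceAccountKeyAdmin",
    "roles/iam.serviceAccountUser",
}

# Principal types that are public by definition and never trusted.
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}

# Constructed sample, modelled on the shortened event above. All identities are placeholders.
SAMPLE_EVENT = json.dumps({
    "protoPayload": {
        "serviceName": "iam.googleapis.com",
        "methodName": "google.iam.admin.v1.SetIAMPolicy",
        "resourceName": "projects/-/serviceAccounts/123456789",
        "authenticationInfo": {"principalEmail": "admin@victim-project.example"},
        "serviceData": {
            "policyDelta": {
                "bindingDeltas": [
                    # the backdoor: impersonation role for an external identity
                    {"action": "ADD", "role": "roles/iam.serviceAccountTokenCreator",
                     "member": "user:external-attacker@attacker.example"},
                    # benign: impersonation role for an in-domain identity
                    {"action": "ADD", "role": "roles/iam.serviceAccountUser",
                     "member": "serviceAccount:deployer@victim-project.example"},
                    # benign: a non-impersonation role, external or not
                    {"action": "ADD", "role": "roles/viewer",
                     "member": "user:contractor@attacker.example"},
                ]
            }
        },
    },
    "resource": {
        "type": "service_account",
        "labels": {"email_id": "app-sa@victim-project.iam.gserviceaccount.com",
                   "project_id": "victim-project"},
    },
    "logName": "projects/victim-project/logs/cloudaudit.googleapis.com%2Factivity",
})


def member_is_trusted(member: str, trusted_domains: set[str]) -> bool:
    """True when a binding member belongs to a trusted domain.

    Members look like 'user:alice@example.com', 'serviceAccount:x@p.iam.gserviceaccount.com',
    'group:team@example.com' or 'domain:example.com'. Public principals are never trusted.
    """
    if member in PUBLIC_MEMBERS:
        return False
    kind, _, identity = member.partition(":")
    if kind == "domain":
        return identity in trusted_domains
    if kind in ("user", "serviceAccount", "group") and "@" in identity:
        return identity.rsplit("@", 1)[1] in trusted_domains
    # 'deleted:...' members or unknown formats: keep them visible for review
    return False


def find_backdoor_bindings(event_json: str, trusted_domains: set[str]) -> list[dict]:
    """Parse one SetIAMPolicy audit log entry and return the suspicious ADD deltas."""
    event = json.loads(event_json)
    payload = event.get("protoPayload", {})
    if payload.get("methodName") != "google.iam.admin.v1.SetIAMPolicy":
        return []
    if event.get("resource", {}).get("type") != "service_account":
        return []

    labels = event["resource"].get("labels", {})
    deltas = payload.get("serviceData", {}).get("policyDelta", {}).get("bindingDeltas", [])
    findings = []
    for delta in deltas:
        if delta.get("action") != "ADD" or delta.get("role") not in IMPERSONATION_ROLES:
            continue
        member = delta.get("member", "")
        if member_is_trusted(member, trusted_domains):
            continue
        findings.append({
            "service_account": labels.get("email_id", payload.get("resourceName")),
            "project": labels.get("project_id"),
            "role": delta["role"],
            "member": member,
            "actor": payload.get("authenticationInfo", {}).get("principalEmail"),
        })
    return findings


if __name__ == "__main__":
    for finding in find_backdoor_bindings(SAMPLE_EVENT, {"victim-project.example"}):
        print(json.dumps(finding, indent=2))
```

The trusted-domain set is the only tuning knob: in practice it holds your Workspace domains plus the `iam.gserviceaccount.com` domains of your own projects, and everything else (including `allUsers`, `allAuthenticatedUsers` and `deleted:` principals) is raised for review.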

When someone impersonates a service account, the GCP Admin Audit Logs event google.iam.credentials.v1.GenerateAccessToken is emitted only if you have explicitly enabled DATA_READ events in the audit logs configuration of your project. For more information, see Impersonate GCP Service Accounts.
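Because GenerateAccessToken is only recorded when DATA_READ logging is on, the check below is an added example (not from this page or from Stratus Red Team) of verifying a project's audit configuration and producing the corrected one. It assumes the policy JSON shape returned by `gcloud projects get-iam-policy PROJECT --format=json` (an `auditConfigs` list of `service` plus `auditLogConfigs` entries) and that impersonation calls are logged under the `iamcredentials.googleapis.com` service; the policy document itself is constructed.

```python
import copy

# Service whose GenerateAccessToken calls are recorded as DATA_READ audit entries.
IAM_CREDENTIALS_SERVICE = "iamcredentials.googleapis.com"

# Constructed example of a project IAM policy with only the default logging:
# no DATA_READ entry, so impersonation of service accounts leaves no audit log.
WEAK_POLICY = {
    "auditConfigs": [
        {"service": "allServices", "auditLogConfigs": [{"logType": "ADMIN_READ"}]},
    ],
    "bindings": [{"role": "roles/owner", "members": ["user:admin@victim-project.example"]}],
    "etag": "BwXvEXAMPLE=",  # placeholder etag
    "version": 1,
}


def data_read_enabled(policy: dict, service: str) -> tuple[bool, list[str]]:
    """Return (enabled, exempted_members) for DATA_READ logging of `service`.

    A matching entry may sit under the service itself or under the 'allServices'
    wildcard. Exempted members are returned too: a principal on that list can
    impersonate service accounts without generating the event.
    """
    enabled, exempted = False, []
    for cfg in policy.get("auditConfigs", []):
        if cfg.get("service") not in ("allServices", service):
            continue
        for log_cfg in cfg.get("auditLogConfigs", []):
            if log_cfg.get("logType") == "DATA_READ":
                enabled = True
                exempted.extend(log_cfg.get("exemptedMembers", []))
    return enabled, exempted


def with_data_read_enabled(policy: dict, service: str) -> dict:
    """Return a copy of the policy with DATA_READ logging added for `service`.

    The etag and existing bindings are preserved so the result can be applied
    with `gcloud projects set-iam-policy` without clobbering concurrent changes.
    """
    fixed = copy.deepcopy(policy)
    configs = fixed.setdefault("auditConfigs", [])
    entry = next((c for c in configs if c.get("service") == service), None)
    if entry is None:
        entry = {"service": service, "auditLogConfigs": []}
        configs.append(entry)
    log_configs = entry.setdefault("auditLogConfigs", [])
    if not any(lc.get("logType") == "DATA_READ" for lc in log_configs):
        log_configs.append({"logType": "DATA_READ"})
    return fixed


if __name__ == "__main__":
    import json
    enabled, exempted = data_read_enabled(WEAK_POLICY, IAM_CREDENTIALS_SERVICE)
    print(f"DATA_READ for {IAM_CREDENTIALS_SERVICE}: enabled={enabled} exempted={exempted}")
    print(json.dumps(with_data_read_enabled(WEAK_POLICY, IAM_CREDENTIALS_SERVICE), indent=2))
```

Run the first function against the live policy as a periodic control, and treat a non-empty exempted list with the same suspicion as a missing entry: adding oneself to `exemptedMembers` is a way to keep impersonating without being seen.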