privilegeEscalationGcpServiceAccountFinding resource type
Namespace: microsoft.graph
Important
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
GCP service accounts with privilege escalation
Inherits from privilegeEscalationFinding.
Methods
| Method | Return type | Description |
|---|---|---|
| List | privilegeEscalationGcpServiceAccountFinding collection | Get a list of the privilegeEscalationGcpServiceAccountFinding objects and their properties. |
| Get | privilegeEscalationGcpServiceAccountFinding | Read the properties and relationships of a privilegeEscalationGcpServiceAccountFinding object. |
Properties
| Property | Type | Description |
|---|---|---|
| createdDateTime | DateTimeOffset | Defines when the finding was created. Inherited from finding. |
| id | String | Unique identifier for the finding. Inherited from entity. |
| identityDetails | identityDetails | An identity's information details. Inherited from privilegeEscalationFinding. |
| permissionsCreepIndex | permissionsCreepIndex | A score for an identity's excessive permissions that is classified into three buckets: 0-33: low, 34-66: medium, 67-100: high. This property and its values are a snapshot as of when the finding was created and might not reflect the current score for the identity. Supports $filter (gt) and $orderby. Inherited from privilegeEscalationFinding. |
Relationships
| Relationship | Type | Description |
|---|---|---|
| identity | authorizationSystemIdentity | Represents an identity in an authorization system onboarded to Permissions Management. Inherited from identityFinding. Autoexpanded by default. |
| privilegeEscalationDetails | privilegeEscalation collection | The list of escalations that the identity is capable of performing. Inherited from microsoft.graph.privilegeEscalationFinding |
JSON representation
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.privilegeEscalationGcpServiceAccountFinding",
"id": "String (identifier)",
"createdDateTime": "String (timestamp)",
"permissionsCreepIndex": {
"@odata.type": "microsoft.graph.permissionsCreepIndex"
},
"identityDetails": {
"@odata.type": "#microsoft.graph.identityDetails"
}
}