Fetch URL: http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/ (Jun 2026)

Buckets of Fun: Getting Backstage at the DEFCON 31 Cloud ...

The metadata server knows everything about your instance, from its zone to the service accounts attached to it and the authentication tokens those accounts can generate. You can read this data with plain HTTP requests; no client libraries are required.

    import requests

    # Token endpoint of the instance metadata server. The Metadata-Flavor header is
    # mandatory; without it the server refuses the request.
    METADATA_URL = "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token"
    headers = {"Metadata-Flavor": "Google"}

    response = requests.get(METADATA_URL, headers=headers)
    response.raise_for_status()
    token_data = response.json()
    access_token = token_data["access_token"]

Storing and retrieving instance metadata.

In GCP, a service account is a special type of account that allows your application to interact with GCP resources without needing to authenticate with a user account. Service accounts are used to authorize access to resources, such as Cloud Storage buckets, Cloud Datastore, or Cloud Pub/Sub topics.

403 Forbidden

/computeMetadata/v1/instance/service-accounts/ - This path returns information about the service accounts attached to the current Compute Engine instance.

Google Cloud client libraries (such as the Python google-cloud-storage library or the gcloud CLI) handle this for you. When your code runs on a GCP VM, the library automatically contacts this URL to retrieve an access token.

The metadata server is a dedicated, internal service accessible to every GCP virtual machine instance. It provides information about the instance, such as hostname, IP address, project ID and, most importantly, service account credentials.

IP address: 169.254.169.254 (link-local)
Hostname: metadata.google.internal

The server is available only from within the GCP network.

2. Deep Dive: /instance/service-accounts/

    import requests

    # Call the Cloud Storage JSON API with the token obtained from the metadata
    # server (access_token is the value fetched in the previous snippet).
    storage_url = "https://storage.googleapis.com/storage/v1/b/YOUR_BUCKET/o"
    auth_headers = {"Authorization": f"Bearer {access_token}"}
    response = requests.get(storage_url, headers=auth_headers)

– When creating a VM, you can limit which APIs the metadata token can access (e.g., read-only for Cloud Storage, no Compute API). Even if your app is compromised, the token has minimal permissions.

"serviceAccounts": [

You can use curl to fetch the token directly from a terminal within the VM.

Example response: