GCP - Bigtable Enum

Bigtable

Google Cloud Bigtable is a fully managed, scalable NoSQL database designed for applications that require extremely high throughput and low latency. It's built to handle massive amounts of data (petabytes across thousands of nodes) while still providing quick read and write performance. Bigtable is ideal for workloads such as time-series data, IoT telemetry, financial analytics, personalization engines, and large-scale operational databases. It uses a sparse, distributed, multidimensional sorted map as its underlying storage model, which makes it efficient in storing wide tables where many columns may be empty.

Hierarchy

  1. Bigtable Instance

A Bigtable instance is the top-level resource you create. It doesn’t store data by itself—think of it as a logical container that groups your clusters and tables together.

Two types of instances exist:

  • Development instance (single-node, cheap, not for production)
  • Production instance (can have multiple clusters)

  2. Clusters

A cluster contains the actual compute and storage resources used to serve Bigtable data.

  • Each cluster lives in a single region.
  • It is made up of nodes, which provide CPU, RAM, and network capacity.
  • You can create multi-cluster instances for high availability or global reads/writes.
  • Data is automatically replicated between clusters in the same instance.

Important:

  • Tables belong to the instance, not to a specific cluster.
  • Clusters simply provide the resources to serve the data.

  3. Tables

A table in Bigtable is similar to a table in NoSQL databases:

  • Data is stored in rows, identified by a row key.
  • Each row contains column families, which contain columns.
  • It is sparse: empty cells do not consume space.
  • Bigtable stores data sorted lexicographically by the row key.

Tables are served by all clusters in the instance.

  4. Tablets (and Hot Tablets)

Bigtable splits each table into horizontal partitions called tablets. A tablet is:

  • A contiguous range of row keys.
  • Stored on a single node at any given moment.
  • Automatically split, merged, and moved by Bigtable.

A hot tablet occurs when:

  • Too many reads or writes hit the same row-key range (same tablet).
  • That specific tablet/node becomes overloaded.
  • This leads to hotspots (performance bottlenecks).

  5. Authorized Views

Authorized views allow you to create a subset of a table’s data that can be shared with specific users or applications without giving them access to the entire table. This is useful for:

  • Limiting access to sensitive data.
  • Providing read-only access to specific columns or rows.

  6. App Profiles

A Bigtable app profile is a configuration that defines how a specific application or client should interact with a Bigtable instance, especially in environments with multiple clusters. It controls routing behavior—whether requests should be directed to a single cluster or distributed across multiple clusters for high availability—and governs how writes are replicated, choosing between synchronous (stronger consistency) or asynchronous (lower latency) modes.

# Cloud Bigtable
gcloud bigtable instances list
gcloud bigtable instances describe <instance>
gcloud bigtable instances get-iam-policy <instance>

## Clusters
gcloud bigtable clusters list
gcloud bigtable clusters describe <cluster> --instance <INSTANCE>

## Tables
gcloud bigtable tables list --instance <INSTANCE>
gcloud bigtable tables describe --instance <INSTANCE> <TABLE>
gcloud bigtable tables get-iam-policy --instance <INSTANCE> <TABLE>

## Backups
gcloud bigtable backups list --instance <INSTANCE>
gcloud bigtable backups describe --instance <INSTANCE> --cluster <CLUSTER> <backupname>
gcloud bigtable backups get-iam-policy --instance <INSTANCE> --cluster <CLUSTER> <backupname>

## Hot Tablets
gcloud bigtable hot-tablets list <cluster> --instance <INSTANCE>

## App Profiles
gcloud bigtable app-profiles list --instance <INSTANCE>
gcloud bigtable app-profiles describe --instance <INSTANCE> <app-prof>

## Authorized Views
gcloud bigtable authorized-views list --instance <INSTANCE> --table <TABLE>
gcloud bigtable authorized-views describe --instance <INSTANCE> --table <TABLE> <VIEW>
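
For reviewing what the get-iam-policy commands above return, the following is an added example (not code from this page or from HackTricks) that checks policies collected at instance and table level and reports bindings worth a closer look. The resource names, the sample policies and the HIGH/MEDIUM labels are assumptions of this example; real input would be the JSON printed when --format=json is added to each get-iam-policy command.

```python
# Roles that can modify or delete Bigtable resources when held without a condition.
ADMIN_ROLES = {"roles/owner", "roles/editor", "roles/bigtable.admin"}
# Roles that can read table data.
DATA_ROLES = {"roles/bigtable.user", "roles/bigtable.reader"}
PUBLIC = {"allUsers", "allAuthenticatedUsers"}


def review_policy(scope, resource, policy):
    """Return (severity, resource, member, role, reason) tuples for one policy.

    scope is "instance", "table" or "backup": the level get-iam-policy was run at.
    """
    findings = []
    for binding in policy.get("bindings", []):
        role, conditional = binding["role"], "condition" in binding
        for member in binding.get("members", []):
            if member in PUBLIC:
                reason = ("HIGH", "public principal")
            elif role in ADMIN_ROLES and not conditional:
                reason = ("HIGH", "unconditional admin role")
            elif role in DATA_ROLES and scope == "instance" and not conditional:
                # Tables belong to the instance, so this covers every table in it.
                reason = ("MEDIUM", "data access to every table in the instance")
            else:
                continue
            findings.append((reason[0], resource, member, role, reason[1]))
    return findings


def review_all(policies):
    """Review (scope, resource, policy) triples and return findings, HIGH first."""
    return sorted(f for p in policies for f in review_policy(*p))


# Constructed sample policies in the shape printed by --format=json (placeholder names).
SAMPLE = [
    ("instance", "example-instance", {"bindings": [
        {"role": "roles/bigtable.admin", "members": ["user:dev@example.com"]},
        {"role": "roles/bigtable.reader", "members": ["serviceAccount:etl@example-project.iam.gserviceaccount.com"]},
        {"role": "roles/bigtable.viewer", "members": ["group:ops@example.com"]},
    ], "etag": "BwPLACEHOLDER=", "version": 1}),
    ("table", "example-instance/example-table", {"bindings": [
        {"role": "roles/bigtable.reader", "members": ["allAuthenticatedUsers"]},
        {"role": "roles/bigtable.user", "members": ["serviceAccount:app@example-project.iam.gserviceaccount.com"]},
    ]}),
]

if __name__ == "__main__":
    for finding in review_all(SAMPLE):
        print(" | ".join(finding))
```

A data role granted on a single table is not flagged here, because that is the narrower grant; authorized views narrow it further to specific rows or columns.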

Privilege Escalation

GCP - Bigtable Privesc

Post Exploitation

GCP - Bigtable Post Exploitation

Persistence

GCP - Bigtable Persistence
