Drive Permission Auditor
Audits permission settings on Google Drive files, folders, and shared drives by retrieving access lists, roles, and sharing configurations. Security administrators, compliance officers, and IT teams use it for identifying unauthorized access risks and generating audit reports. Integrates via MCP for automated checks in enterprise environments.
Overview
Drive Permission Auditor is an MCP server for inspecting access permissions in Google Drive. It enables querying detailed permission data on files, folders, and shared drives, supporting automated security reviews without manual navigation in the Drive UI.
Key Capabilities
The server provides MCP-accessible functions for permission auditing, including:
- Permission retrieval: Lists users, groups, and service accounts with access to specific items, along with roles like reader, writer, or owner.
- Sharing type analysis: Identifies link-sharing settings, such as 'anyone with link' or domain-restricted access.
- Shared drive reviews: Scans team drives for inherited and direct permissions across members.
Specific tool endpoints focus on these core auditing operations.
Use Cases
- Compliance Preparation: Run permission audits on sensitive folders to list all external users (list_permissions) before regulatory submissions.
- Risk Detection: Scan organization-wide for public links (check_public_access) to block unintended data exposure.
- Access Cleanup: Review shared drives (audit_shared_drives) post-employee offboarding to revoke lingering permissions.
- Incident Investigation: Query permissions on a leaked file to trace access history and roles.
Who This Is For
Google Workspace administrators, cybersecurity analysts, compliance teams, and developers integrating Drive security into monitoring scripts or AI-driven workflows.