Article by Aloïs THÉVENOT.
Privilege Escalation in Google Cloud Platform

Permission | Resources |
---|---|
cloudbuild.builds.create | Script / Blog Post |
cloudfunctions.functions.create | Script / Blog Post |
cloudfunctions.functions.update | Script / Blog Post |
cloudscheduler.jobs.create | Blog Post |
composer.environments.get | Blog Post 1, 2 |
compute.instances.create | Script / Blog Post |
dataflow.jobs.create | Blog Post 1, 2 |
dataflow.jobs.update | Blog Post 1, 2 |
dataproc.clusters.create | Blog Post 1, 2 |
dataproc.jobs.create | Blog Post 1, 2 |
dataproc.jobs.update | Blog Post 1, 2 |
deploymentmanager.deployments.create | Script / Blog Post |
iam.roles.update | Script / Blog Post |
iam.serviceAccountKeys.create | Script / Blog Post |
iam.serviceAccounts.getAccessToken | Script / Blog Post |
iam.serviceAccounts.implicitDelegation | Script / Blog Post |
iam.serviceAccounts.signBlob | Script / Blog Post |
iam.serviceAccounts.signJwt | Script / Blog Post |
orgpolicy.policy.set | Script / Blog Post |
run.services.create | Script / Blog Post |
serviceusage.apiKeys.create | Script / Blog Post |
serviceusage.apiKeys.list | Script / Blog Post |
storage.hmacKeys.create | Script / Blog Post |