services / Google Cloud / Compute Engine global addresses
Manage global addresses used by cloud load balancers.
Limited attack compared to direct VM access; exploitation involves also exercising risks in load-balancer routing.
compute.globalAddresses.createInternal
Reserves a global IP address, but does not assign it to any infrastructure. Requires access to the internal network for exploitation.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog