services / Google Cloud / StatefulSets

Control Kubernetes StatefulSets objects.

StatefulSets manage Pods, with different guarantees but similar to Deployments, ReplicaSets, and DaemonSets. As such, the primary security concerns are the container images that are running on these Pods, and the resources the Pods consume from the Kubernetes cluster.


container.​statefulSets.​getStatus

Equivalent to `statefulSets.get`. Allows reading the `/apis/apps/v1/namespaces/{namespace}/statefulsets/{name}/status` subresource which returns the same payload as the `/apis/apps/v1/namespaces/{namespace}/statefulsets/{name}` resource.

Risks

Scope: MEDIUM

This privilege may grant access to confidential data, or its exploit can incur operational cost.

Contributed by P0 Security

© 2023–present P0 Security and contributors to the IAM Privilege Catalog