catalog logoThe IAM Privilege Catalog

services / Google Cloud / Dataproc clusters

Create and manage Dataproc clusters. Dataproc clusters provide a platform for running Apache Hadoop, Hive, Pig, and Spark jobs.

Allows access to machine-learning pipelines. Creating a cluster allows exfiltration of the default service account tokens.

dataproc.​clusters.​update

Allows the caller to update the number of instances the job uses.

Risks

  1. Spend (MEDIUM)

Scope: MEDIUM

This privilege may grant access to confidential data, or its exploit can incur operational cost.

Links

  • https:​/​/​cloud.​google.​com/​dataproc/​docs/​concepts/​overview
  • https:​/​/​cloud.​google.​com/​sdk/​gcloud/​reference/​dataproc/​clusters
  • https:​/​/​cloud.​google.​com/​dataproc/​docs/​reference/​rest/​v1/​projects.​regions.​clusters

    • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog