services / Google Cloud / Cloud Run Jobs

A Cloud Run job is used for running code that executes for a period of time and exits once complete. Jobs may be executed on a one-off basis, a recurring schedule, or as part of a workflow.

Cloud run jobs may be used for important organizational tasks, such as processing of sensitive data.


run.​jobs.​delete

You can only delete a job if there are no executions in progress. However, certain services may rely on a job that runs on a schedule, so deleting a job can create a DOS even if at deletion time there are no executions in progress.

Risks

Scope: HIGH

This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.

Links

  • https:​/​/​cloud.​google.​com/​run/​docs/​resource-​model
  • https:​/​/​cloud.​google.​com/​run/​docs/​managing/​jobs
  • https:​/​/​cloud.​google.​com/​run/​docs/​reference/​rest/​v1/​namespaces.​jobs
  • https:​/​/​cloud.​google.​com/​run/​docs/​create-​jobs
  • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog