services / Google Cloud / BackendConfig custom resource definition for Google Kubernetes Engine

BackendConfig objects are reusable configurations for Kubernetes Service objects. BackendConfigs set the destination Service for incoming requests, thus they pertain to external-to-internal communications. Other ingress parameters of a BackendConfig include service response timeout, Cloud CDN, HTTP access logging, Session Affinity.

Backend Config is a piece of reusable configuration for an Ingress object. A BackendConfig does not take effect unless it is associated with an Ingress object.


BackendConfigs that are associated with a Service can be deleted without first removing the reference to them. Access to a Service can be disrupted by deleting a BackendConfig that is associated with a Service.



This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or its exploit could lead to significant privilege escalation.

Contributed by P0 Security

© 2023–present P0 Security and contributors to the IAM Privilege Catalog