The IAM Privilege Catalogservices / Google Cloud / Kubernetes Engine Services
Services provide a stable network endpoint for one or more pods, allowing them to be accessed by other pods or external clients.
Services control how your Kubernetes Pods are exposed on the Kubernetes network.
container.services.getStatus
While this is a different permission from `container.services.get`, calling the `GET api/v1/namespaces/default/services/{{service-name}}/status` endpoint retrieves the same information as the `GET api/v1/namespaces/default/services/{{service-name}}` endpoint.
Risks
Scope: MEDIUM
This privilege may grant access to confidential data, or its exploit can incur operational cost.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog