services / Google Cloud / Cloud DNS Managed Zone

A DNS zone hosted and managed by the Cloud DNS service.

Cloud DNS supports a variety of different public and private zones, including forwarding zones and peering zones.


Can change the forwarding config, peering config, or visibility in order to create a DOS. Can change the visibility of the zone to public. Can update metadata.



This privilege may grant access to confidential data, or its exploit can incur operational cost.


  • https:​/​/​cloud.​google.​com/​dns/​docs/​access-​control
  • https:​/​/​cloud.​google.​com/​dns/​docs/​reference/​v1/​managedZones#​resource
  • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog