services / Google Cloud / Response Policy Rule

A response policy rule contains a selector and optionally DNS records or configured behavior for answering DNS queries that match the selector.


A response policy rule can effectively be used by an attacker to redirect traffic on a domain within the VPC network the policy is attached to.


Scope: HIGH

This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.


  • https:​/​/​cloud.​google.​com/​dns/​docs/​reference/​v1beta2/​responsePolicyRules
  • https:​/​/​cloud.​google.​com/​dns/​docs/​access-​control
  • https:​/​/​cloud.​google.​com/​dns/​docs/​zones/​manage-​response-​policies
  • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog