services / Google Cloud / Cloud domains registration
A registration is a resource representing a domain registration managed by Cloud Domains. It facilitates managing and configuring domain name registrations
Though the contents of domain registrations are public, this resource contains many permissions to update and configure domain registrations which are highly sensitive.
domains.registrations.createTagBinding
A common use case of tag bindings is for use in IAM policy conditions. The risks apply if the tag is used in any policies.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog