pubsub.subscriptions.create – 1 risks

The IAM Privilege Catalog

services / Google Cloud / Pub/Sub subscription

A Pub/Sub subscription receives messages published to a Pub/Sub topic.

Subscriptions can allow an attacker to read Pub/Sub messages, which may contain sensitive information.

pubsub.subscriptions.create

Creating a subscription does not provide access to Pub/Sub data on its own, since you cannot consume messages or attach the subscription to a topic.

Risks

Spend (MEDIUM)

Scope: LOW

This privilege allows access to data that are not meant to be public, but are otherwise not sensitive.

Links

https://cloud.google.com/pubsub/docs/subscriber

https://cloud.google.com/pubsub/docs/access-control

Contributed by P0 Security

© 2023–present P0 Security and contributors to the IAM Privilege Catalog