Links

GCP - Composer Privesc

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:

composer

composer.environments.create

It's possible to attach any service account to the newly create composer environment with that permission. Later you could execute code inside composer to steal the service account token.
More info about the exploitation here.
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks: