TL;DR: Primitive roles, role-grants at organization scope, IAM-bindings as the canonical escalation surface.

Stub — to be filled in.

What it is

TODO

Preconditions / where it applies

TODO

Technique

TODO

Detection and defence

TODO

References

• https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation