actas in cloudbuild

Carlos Polop
2025-01-05 16:03:29 +01:00
parent ec0ff62bcb
commit c1aee098b6


@@ -10,7 +10,7 @@ For more information about Cloud Build check:
../gcp-services/gcp-cloud-build-enum.md
{{#endref}}
### `cloudbuild.builds.create`
### `cloudbuild.builds.create`, `iam.serviceAccounts.actAs`
With this permission you can **submit a cloud build**. The cloudbuild machine will have in its filesystem by **default a token of the cloudbuild Service Account**: `<PROJECT_NUMBER>@cloudbuild.gserviceaccount.com`. However, you can **indicate any service account inside the project** in the cloudbuild configuration.\
Therefore, you can just make the machine exfiltrate to your server the token or **get a reverse shell inside of it and get yourself the token** (the file containing the token might change).
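
Review bot: The paragraph under the changed heading still opens with "With this permission", although the heading now lists two permissions, `cloudbuild.builds.create` and `iam.serviceAccounts.actAs`, and the text never says what the second one is for. Please change the opening to "With these permissions" and tie `iam.serviceAccounts.actAs` to the sentence "you can **indicate any service account inside the project**", so a reader can tell which step depends on submitting a build and which depends on being able to act as the chosen service account. The commit message "actas in cloudbuild" would also be clearer if it said that the requirement was added to the section heading.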