{{#include ../../../banners/hacktricks-training.md}}
Find more information about Secret Manager in:
{{#ref}} ../gcp-services/gcp-secrets-manager-enum.md {{#endref}}
An attacker could update the secret to:
- Stop rotations so the secret won't be modified
- Make rotations much less often so the secret won't be modified
- Publish the rotation message to a different pub/sub
- Modify the rotation code being executed. This happens in a different service, probably in a Cloud Function, so the attacker will need privileged access over the Cloud Function or any other service.
{{#include ../../../banners/hacktricks-training.md}}