Critical-risk tools in Gojira
19 of the 170 tools in Gojira are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
assets.deleteObjectDestructiveDelete an Assets object. Irreversible.
-
assets.removeObjectReferenceDestructiveRemove a reference between two Assets objects.
-
automation.deleteAutomationRuleDestructiveDelete an automation rule. **Irreversible.**
-
confluence.deleteConfluenceSpaceDestructiveDelete a Confluence space. **Irreversible.**
-
customfields.deleteCustomFieldDestructiveDelete a custom field. **Irreversible.** Re-invoke with
-
dashboards.deleteDashboardDestructiveDelete a dashboard. Irreversible.
-
filters.deleteFilterDestructiveDelete a filter. Irreversible.
-
gojira.revertOperationDestructiveReverts a previously-journaled operation (where mechanically possible). Logs the revert itself as a new journal entry. Use
-
jsm.deleteQueueDestructiveDelete a queue. Irreversible.
-
jsm.deleteRequestTypeDestructiveDelete a request type. Irreversible.
-
orgAdmin.deleteGroupDestructiveDelete an org-level group.
-
orgAdmin.removeAppDestructiveRemove a Marketplace app from the org.
-
orgAdmin.removeUserFromGroupDestructiveRemove a user from a group.
-
projects.archiveJiraProjectDestructiveArchive a Jira project. Requires
-
projects.deleteJiraProjectDestructivePermanently delete a Jira project. **Irreversible.** Re-invoke with
-
schemes.deleteNotificationSchemeDestructiveDelete a notification scheme. Irreversible.
-
schemes.deletePermissionSchemeDestructiveDelete a permission scheme. Irreversible.
-
workflows.deleteWorkflowDestructiveDelete a workflow. Irreversible.
-
workflows.removeWorkflowTransitionDestructiveRemove a transition from a workflow
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.