Skip to content

AZT605.3 - Resource Secret Reveal: Resource Group Deployment History Secret Dump#

By accessing deployment history of a Resource Group, secrets used in the ARM template may be revealed.


Resource Group


  • Microsoft.Resources/deployments/read
  • Microsoft.Resources/subscriptions/resourceGroups/read


Detection Details#

When a template is used, the parameters from the template are reflected on the 'Input' page when viewing the deployment detail in the Azure portal. The parameter key value's are shown unless the key 'SecureString' is used. If 'SecureString' is not used, then the value will show in the deployment input details.


Data Source Operation Name Action Log Provider
Resource N/A N/A AzureActivity