AZT605 - Resource Secret Reveal#
An adverary may access an Azure KeyVault in an attempt to view secrets, certificates, or keys.
|.001||Storage Account Access Key Dumping||By accessing a Storage Account, an adversary may dump access keys pertaining to the Storage Account, which will give them full access to the Storage Account.||Microsoft.Storage/storageAccounts/listkeys/action||Storage Account|
|.002||Automation Account Credential Secret Dump||By editing a Runbook, a credential configured in an Automation Account may be revealed||Microsoft.Automation/automationAccounts/runbooks/*||Automation Account|
|.003||Resource Group Deployment History Secret Dump||By accessing deployment history of a Resource Group, secrets used in the ARM template may be revealed.||Microsoft.Resources/deployments/read||Resource Group|