AZT605 - Resource Secret Reveal#
An adverary may access an Azure KeyVault in an attempt to view secrets, certificates, or keys.
ID | Name | Description | Action | Resources |
---|---|---|---|---|
.001 | Storage Account Access Key Dumping | By accessing a Storage Account, an adversary may dump access keys pertaining to the Storage Account, which will give them full access to the Storage Account. | Microsoft.Storage/storageAccounts/listkeys/action | Storage Account |
.002 | Automation Account Credential Secret Dump | By editing a Runbook, a credential configured in an Automation Account may be revealed | Microsoft.Automation/automationAccounts/runbooks/* | Automation Account |
.003 | Resource Group Deployment History Secret Dump | By accessing deployment history of a Resource Group, secrets used in the ARM template may be revealed. | Microsoft.Resources/deployments/read | Resource Group |