Azure Admin Permissions On Keys
Description
Detects Azure Key Vaults whose access policies grant a principal every permission on cryptographic keys. A user, group, service principal or managed identity with unrestricted key management can export (backup), import, delete, purge and sign with any key in the vault, so the compromise or misuse of that single identity compromises every key the vault holds. Key operations should be split across least-privilege principals instead.
Detection Strategy
• Identifies Key Vaults that do not use Azure RBAC for data-plane access control (enableRbacAuthorization is false or absent); access policies are only enforced in that mode and are ignored by Azure once RBAC authorization is enabled
• Examines each access policy configured on the Key Vault
• Reports a vulnerability when an access policy grants every possible key permission, whether listed explicitly or via the "all" wildcard
• Triggers only when a policy has complete control over keys, including critical operations such as backup, delete, get, import, purge, recover, restore and sign; policies with a partial set of key permissions are not reported
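As an added illustration of the detection logic described above (example code written for this page, not Fluid Attacks' own checker), the following Python walks the Key Vault resources of an ARM template, skips vaults that have RBAC authorization enabled, and reports every access policy whose key permissions cover the full permission set. The list of key permissions is an assumption based on the Key Vault ARM API as I know it, the template is constructed for the example, and the object IDs are placeholders.

```python
import json

# Key permissions accepted by the Key Vault ARM API (assumption: the set as I
# know it for recent API versions; extend it if Azure adds operations). "all"
# is the API's wildcard and is treated as holding every permission in this set.
KEY_PERMISSIONS = frozenset(p.lower() for p in (
    "get", "list", "update", "create", "import", "delete", "recover",
    "backup", "restore", "decrypt", "encrypt", "unwrapKey", "wrapKey",
    "verify", "sign", "purge", "release", "rotate",
    "getrotationpolicy", "setrotationpolicy",
))


def normalize_key_permissions(perms):
    """Lower-case permission names and expand the "all" wildcard."""
    lowered = {str(p).lower() for p in perms}
    return KEY_PERMISSIONS if "all" in lowered else frozenset(lowered)


def grants_full_key_control(policy):
    """True when an access policy holds every key permission."""
    keys = policy.get("permissions", {}).get("keys", [])
    return normalize_key_permissions(keys) >= KEY_PERMISSIONS


def find_admin_key_policies(template):
    """Return (vault name, objectId) for every policy with full key control.

    Only vaults with enableRbacAuthorization false (or absent, the ARM
    default) are examined, because Azure ignores accessPolicies once RBAC
    authorization is enabled.
    """
    findings = []
    for res in template.get("resources", []):
        if res.get("type", "").lower() != "microsoft.keyvault/vaults":
            continue
        props = res.get("properties", {})
        if props.get("enableRbacAuthorization", False):
            continue
        for policy in props.get("accessPolicies", []):
            if grants_full_key_control(policy):
                findings.append((res.get("name", "<unnamed>"),
                                 policy.get("objectId", "<unknown>")))
    return findings


# Constructed sample template (not a real deployment): one vault on access
# policies with flagged and non-flagged policies, and one vault on RBAC whose
# leftover access policy is ignored. Object IDs are placeholders.
SAMPLE_TEMPLATE = json.loads("""
{
  "resources": [
    {
      "type": "Microsoft.KeyVault/vaults",
      "name": "kv-legacy",
      "properties": {
        "enableRbacAuthorization": false,
        "accessPolicies": [
          {"objectId": "00000000-0000-0000-0000-000000000001",
           "permissions": {"keys": ["all"]}},
          {"objectId": "00000000-0000-0000-0000-000000000002",
           "permissions": {"keys": ["get", "list", "sign", "verify"]}},
          {"objectId": "00000000-0000-0000-0000-000000000003",
           "permissions": {"keys": [
             "Get", "List", "Update", "Create", "Import", "Delete", "Recover",
             "Backup", "Restore", "Decrypt", "Encrypt", "UnwrapKey", "WrapKey",
             "Verify", "Sign", "Purge", "Release", "Rotate",
             "GetRotationPolicy", "SetRotationPolicy"]}}
        ]
      }
    },
    {
      "type": "Microsoft.KeyVault/vaults",
      "name": "kv-rbac",
      "properties": {
        "enableRbacAuthorization": true,
        "accessPolicies": [
          {"objectId": "00000000-0000-0000-0000-000000000004",
           "permissions": {"keys": ["all"]}}
        ]
      }
    }
  ]
}
""")


if __name__ == "__main__":
    for vault, principal in find_admin_key_policies(SAMPLE_TEMPLATE):
        print(f"{vault}: policy for {principal} grants full key control")
```

Running the script reports the two kv-legacy policies (the "all" wildcard and the explicitly enumerated full set) and stays silent for the read-and-sign-only policy and for kv-rbac. The fix in practice is either to trim the key permissions of the flagged policy to the operations that principal actually performs, or to set enableRbacAuthorization to true and assign a scoped built-in role such as Key Vault Crypto User, at which point the access policy block stops mattering.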