[Specification ticket](https://sonarsource.atlassian.net/browse/APPSEC-776)
[Implementation ticket](https://sonarsource.atlassian.net/browse/SONARIAC-885)
[RSPEC Preview](https://sonarsource.github.io/rspec/#/rspec/S6379/azureresourcemanager)

PR for adding Bicep code examples https://github.com/SonarSource/rspec/pull/2244

## Review

A dedicated reviewer checked the rule description successfully for:

- [x] logical errors and incorrect information
- [x] information gaps and missing content
- [x] text style and tone
- [x] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)

---------

Co-authored-by: pierre-loup-tristant-sonarsource <pierre-loup-tristant-sonarsource@users.noreply.github.com>
Co-authored-by: Pierre-Loup <49131563+pierre-loup-tristant-sonarsource@users.noreply.github.com>
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
6 lines
422 B
Plaintext
Enabling Azure resource-specific admin accounts can reduce an organization's ability to protect itself against account or service account thefts.
Full Administrator permissions fail to correctly separate duties and create potentially critical attack vectors on the impacted resources.
In case of abuse of elevated permissions, both the data on which impacted resources operate and their access traceability are at risk.
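Review bot: The wording in the first two paragraphs is imprecise. In the first, "account or service account thefts" reads better as "account or service account theft". In the second, "Full Administrator permissions fail to correctly separate duties" makes the permissions the actor; it is the granting of those permissions that breaks separation of duties, so consider "Granting full Administrator permissions fails to separate duties correctly and creates potentially critical attack vectors on the impacted resources." The third paragraph could also say briefly why traceability is at risk, since the text states it without linking it to the shared or elevated account.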