services / Azure / Gateway hostname configurations
Custom hostname (domain) bindings attached to an API Management self-hosted/gateway resource, defining the network-facing endpoints and associated certificates through which the gateway serves APIs.
Controls public-facing domain routing for a single API gateway; writes can hijack traffic on a domain.
Microsoft.ApiManagement/service/gateways/hostnameConfigurations/delete
Removes the gateway's hostname/endpoint binding, breaking client connectivity to APIs served on that domain (denial of service).
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog