services / Azure / Gallery remote container image
A reference/definition in an Azure Compute Gallery pointing to a remote container image artifact distributable to consumers.
Image artifact reference whose contents may be consumed by downstream deployments; supply-chain relevant.
Microsoft.Compute/galleries/remoteContainerImages/beginGetAccess/action
Returns a SAS URI for direct blob access to the remote container image, enabling export of the image contents (and any secrets baked into it); the returned SAS token is itself credential material.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog