services / Azure / Network Interface Tap Configuration
A Network Interface Tap Configuration attaches a Virtual Network TAP to a network interface, causing all of that NIC's traffic to be mirrored to a collector destination.
It is a traffic-mirroring configuration on a production NIC; once created, it enables wholesale interception of in-transit data for that interface.
Microsoft.Network/networkInterfaces/tapConfigurations/delete
Deleting the tap configuration removes the traffic-mirroring component from the interface, which can also tear down a legitimate monitoring/IDS feed attached to it.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog