services / Azure / Network Interface Tap Configuration

A Network Interface Tap Configuration attaches a Virtual Network TAP to a network interface, causing all of that NIC's traffic to be mirrored to a collector destination.

Traffic-mirroring configuration on a production NIC; when created it enables wholesale interception of in-transit data for that interface.


Microsoft.​Network/​networkInterfaces/​tapConfigurations/​delete

Deleting the tap configuration removes the traffic-mirroring component from the interface, which can also tear down a legitimate monitoring/IDS feed attached to it.

Risks

Scope: HIGH

This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.

Links

  • https:​/​/​azure.​permissions.​cloud/​iam/​Microsoft.​Network
  • https:​/​/​learn.​microsoft.​com/​en-​us/​azure/​role-​based-​access-​control/​resource-​provider-​operations
  • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog