services / Azure / Traffic Manager profile

An Azure Traffic Manager profile is a DNS-based global traffic load balancer that routes client requests for a public DNS name to a set of backend endpoints according to a routing method. It fronts a production internet-facing service.

Controlling a profile controls where a public domain's traffic resolves, making it a domain/traffic-routing asset.


Microsoft.​Network/​trafficManagerProfiles/​delete

Deleting the profile removes the DNS routing component entirely so the domain can no longer route traffic to any backend, destroying a network component and denying service.

Risks

Scope: HIGH

This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.

Links

  • https:​/​/​azure.​permissions.​cloud/​iam/​Microsoft.​Network
  • https:​/​/​learn.​microsoft.​com/​en-​us/​azure/​role-​based-​access-​control/​resource-​provider-​operations
  • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog