services / Azure / Web Apps Functions keys
Access keys for an individual Azure Functions function, used as bearer credentials to authorize HTTP invocation of that function.
Function invocation keys are credentials; invoking a function runs code under the function app's (possibly managed) identity. Asset is a single function app -> HIGH.
Microsoft.Web/Sites/functions/keys/delete
Deleting a function key revokes the credential legitimate callers use to invoke the function, denying authorized access and disrupting that function's HTTP endpoint.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog