services / Azure / Web Apps slot function keys
Function keys are per-function bearer credentials that authorize invocation of an HTTP-triggered function in an App Service Functions slot.
Credential material gating function invocation; the invoked function runs under the app's assigned managed identity.
Microsoft.Web/Sites/slots/functions/keys/delete
Deleting a function key destroys the credential material and revokes the invocation access legitimate callers depend on, denying authorized access and disrupting the function.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog