IAM misconfigurations

Azure Service Principal of external application has a custom role

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

External Application {AzureServicePrincipal} has custom role {AzureServicePrincipal.RoleAssignments.RoleDefinition}. Over-permissive roles might be a risk to the organization and should be reviewed

  • Recommended Mitigation

    It is recommended to examine the application {AzureServicePrincipal}, and the custom role {AzureServicePrincipal.RoleAssignments.RoleDefinition}. Apply permissions by the ‘least privileges principle’.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.