HackTricks Cloud
HackTricks Training Twitter Linkedin Sponsor

Az - ARM Templates / Deployments

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks:

Basic Information

From the docs: To implement infrastructure as code for your Azure solutions, use Azure Resource Manager templates (ARM templates). The template is a JavaScript Object Notation (JSON) file that defines the infrastructure and configuration for your project. The template uses declarative syntax, which lets you state what you intend to deploy without having to write the sequence of programming commands to create it. In the template, you specify the resources to deploy and the properties for those resources.

History

If you can access it, you can have info about resources that are not present but might be deployed in the future. Moreover, if a parameter containing sensitive info was marked as "String" instead of "SecureString", it will be present in clear-text.

Search Sensitive Info

Users with the permissions Microsoft.Resources/deployments/read and Microsoft.Resources/subscriptions/resourceGroups/read can read the deployment history.

Get-AzResourceGroup
Get-AzResourceGroupDeployment -ResourceGroupName <name>

# Export
Save-AzResourceGroupDeploymentTemplate -ResourceGroupName <RESOURCE GROUP> -DeploymentName <DEPLOYMENT NAME>
cat <DEPLOYMENT NAME>.json # search for hardcoded password
cat <PATH TO .json FILE> | Select-String password

References

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks:

PreviousAz - Application ProxyNextAz - Automation Account

Last updated