In most cases, trust boundaries are violated when a secret is exposed in a source code repository or an uncontrolled deployment environment.
Unintended people who don’t need to know the secret might get access to it. They might then be able to use it to gain unwanted access to associated
services or resources.
The trust issue can be more or less severe depending on the people’s role and entitlement.
What is the potential impact?
Azure Storage Account Keys are used to authenticate and authorize access to Azure Storage resources, such as blobs, queues, tables, and files.
These keys are used to authenticate requests made against the storage account.
If an Azure Storage Account Key is leaked to an unintended audience, it can pose a significant security risk to your Azure Storage account.
An attacker with access to your storage account key can potentially access and modify all the data stored in your storage account. They can also
create new resources, delete existing ones, and perform other actions that can compromise the integrity and confidentiality of your data.
In addition, an attacker with access to your storage account key can also incur charges on your account by creating and using resources, which can
result in unexpected billing charges.
