Azure Add Federated Identity Credential
Adds a federated identity credential to an application, enabling secretless persistent access via workload identity federation.
Adversaries may add adversary-controlled credentials to a cloud account to maintain persistent access to victim accounts and instances within the environment.
View on MITRE ATT&CK →Adds a federated identity credential to an application, enabling secretless persistent access via workload identity federation.
Creates a new long-term access key for an IAM user, enabling programmatic access to AWS services.
Creates a new key for a GCP service account, producing a JSON credentials file for programmatic authentication. This is the admin activity audit log format; see also iam.serviceAccountKeys.create for the data access format.
Uploads an external key to a service account, enabling persistent access that survives credential rotation.
Adds or updates credentials (client secrets or certificates) for an Entra ID service principal.
Creates HMAC keys for S3-compatible access to Cloud Storage, providing a persistent access mechanism often missed by defenders.