AZOwns

This article applies to BHCE and BHE

The principal is granted owner rights on the target object.

AZOwns targets resources in Entra ID (for example AZGroup, AZServicePrincipal, and AZDevice) and is derived from the object-specific ownership assigned on each of them.

Note: The edges AZOwner and AZOwns are distinct: each applies to its own identity and access management platform (AzureRM and Entra ID respectively), with distinct mechanics, abuse primitives, and remediation steps.
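
The following added example (not BloodHound's collector code) shows how object-specific ownership in Entra ID maps to AZOwns edges, so that ownership can be reviewed per principal. The inventory is constructed sample data in the shape Microsoft Graph returns for owner listings; the function names and the `AZUser` mapping for user owners are assumptions of this example.

```python
from collections import defaultdict

# Constructed inventory: one entry per target object, with the owner list in the
# shape Microsoft Graph returns from /groups/{id}/owners,
# /servicePrincipals/{id}/owners and /devices/{id}/registeredOwners.
INVENTORY = [
    {"kind": "AZGroup", "id": "g-001", "displayName": "Helpdesk Admins",
     "owners": [{"@odata.type": "#microsoft.graph.user", "id": "u-100"},
                {"@odata.type": "#microsoft.graph.servicePrincipal", "id": "sp-200"}]},
    {"kind": "AZServicePrincipal", "id": "sp-300", "displayName": "Payroll API",
     "owners": [{"@odata.type": "#microsoft.graph.user", "id": "u-100"}]},
    {"kind": "AZDevice", "id": "d-400", "displayName": "LAPTOP-17",
     "owners": [{"@odata.type": "#microsoft.graph.user", "id": "u-101"}]},
    {"kind": "AZGroup", "id": "g-002", "displayName": "No Owners", "owners": []},
]

# Graph @odata.type -> node kind used for the owning principal (assumed mapping).
OWNER_KINDS = {
    "#microsoft.graph.user": "AZUser",
    "#microsoft.graph.servicePrincipal": "AZServicePrincipal",
}

def azowns_edges(inventory):
    """Return one (owner_id, owner_kind, 'AZOwns', target_id, target_kind) per owner."""
    edges = []
    for obj in inventory:
        for owner in obj.get("owners", []):
            kind = OWNER_KINDS.get(owner.get("@odata.type"), "Unknown")
            edges.append((owner["id"], kind, "AZOwns", obj["id"], obj["kind"]))
    return edges

def ownership_by_principal(edges):
    """Group targets under each owner so broad ownership stands out in review."""
    owned = defaultdict(list)
    for owner_id, owner_kind, _, target_id, target_kind in edges:
        owned[(owner_id, owner_kind)].append((target_id, target_kind))
    # Most-owning principals first; ties broken by owner id for stable output.
    return sorted(owned.items(), key=lambda kv: (-len(kv[1]), kv[0][0]))

if __name__ == "__main__":
    for (oid, okind), targets in ownership_by_principal(azowns_edges(INVENTORY)):
        print(f"{okind} {oid} owns {len(targets)}: {targets}")
```
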

Abuse Info

Object ownership means almost all abuses are possible against the target object.

Opsec Considerations

This depends on which abuse you perform, but in general Azure will create a log for each abuse action.
