Data protection

AWS Secrets Manager secret with public access

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

AWS Secrets Manager helps you to store and protect secrets needed to access your applications, services, and IT resources. It was detected that the secret {AwsSecretsManagerSecret}'s access policy grants public access. Public access may expose the secret to an unauthorized AWS accounts and users. Use the secret's access policy in order to restrict who can access it.

  • Recommended Mitigation

    It is recommended to set the secret's access policy to provide access to known parties only. For more information: <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-policies.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-policies.html</a>

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.