AWS Systems Manager Parameter Exposes AWS Secret

Lateral movement

AWS Systems Manager Parameter Exposes AWS Secret

Risk Level

Hazardous (3)

Platform(s)

Description

AWS Systems Manager Parameter Store provides a centralized store to manage your configuration data. It was detected that the Systems Manager Parameter Store {AwsSystemsManagerParameter} is exposing an AWS access key or secret key as plain text.

Recommended Mitigation

It is recommended to store AWS secrets as a SecureString encrypted with a dedicated KMS key or in AWS Secrets Manager service. Review your parameters on the Systems Manager Parameter Store and make sure they do not contain secrets as plain text.

AWS Systems Manager Parameter Exposes AWS Secret

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS