Lateral movement

AWS Systems Manager Parameter Exposes AWS Secret

Risk Level

Hazardous (3)

Platform(s)

Description

AWS Systems Manager Parameter Store provides a centralized store for managing configuration data. The Systems Manager parameter {AwsSystemsManagerParameter} was found to expose an AWS access key or secret key in plain text.

Recommended Mitigation

It is recommended to store AWS secrets either as a SecureString parameter encrypted with a dedicated KMS key or in AWS Secrets Manager. Review the parameters in Systems Manager Parameter Store and make sure none of them contain secrets in plain text.
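One way to carry out the review described above, as an added example that is not part of the original rule: a Python check over parameter records in the shape SSM returns (`Name`, `Type`, `Value`). The regexes and the `scan_parameters` name are assumptions of this example, the sample records are constructed, and the key values are the example credentials from AWS documentation.

```python
import re

# AWS access key IDs: 20 chars with an "AKIA" (long-term) or "ASIA" (temporary STS) prefix.
ACCESS_KEY_ID = re.compile(r"(?<![A-Z0-9])(?:AKIA|ASIA)[A-Z0-9]{16}(?![A-Z0-9])")
# Secret access keys: 40 chars of the base64 alphabet. Git SHAs and other
# 40-char tokens match too, so a keyword hint is also required (heuristic).
SECRET_KEY = re.compile(r"(?<![A-Za-z0-9/+])[A-Za-z0-9/+]{40}(?![A-Za-z0-9/+=])")
SECRET_HINT = re.compile(r"secret|aws_?key|credential", re.IGNORECASE)


def scan_parameters(parameters):
    """Return [(name, [reasons])] for plaintext parameters that look like AWS keys."""
    findings = []
    for param in parameters:
        # SecureString values are KMS-encrypted; only String/StringList are plaintext.
        if param["Type"] == "SecureString":
            continue
        name, value = param["Name"], param["Value"]
        reasons = []
        if ACCESS_KEY_ID.search(value):
            reasons.append("access-key-id")
        if SECRET_KEY.search(value) and SECRET_HINT.search(f"{name} {value}"):
            reasons.append("secret-access-key")
        if reasons:
            findings.append((name, reasons))
    return findings


# Constructed sample records; the key values are AWS documentation examples.
SAMPLE = [
    {"Name": "/app/prod/db_host", "Type": "String", "Value": "db.internal.example"},
    {"Name": "/app/prod/aws_access_key_id", "Type": "String",
     "Value": "AKIAIOSFODNN7EXAMPLE"},
    {"Name": "/app/prod/aws_secret", "Type": "String",
     "Value": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"},
    {"Name": "/app/prod/env", "Type": "StringList",
     "Value": "REGION=eu-west-1,KEY=AKIAIOSFODNN7EXAMPLE"},
    {"Name": "/app/prod/git_sha", "Type": "String",
     "Value": "3f786850e387550fdab836ed7e6dc881de23001b"},
    {"Name": "/app/prod/api_secret", "Type": "SecureString",
     "Value": "AQICAHh-constructed-ciphertext"},
]

if __name__ == "__main__":
    for name, reasons in scan_parameters(SAMPLE):
        print(f"{name}: plaintext {', '.join(reasons)}")
```

The same records can be collected from an account with the SSM `GetParametersByPath` API without decryption, which leaves SecureString values as ciphertext.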