EC2 Instance with secrets in UserData Attribute

Workload misconfigurations

EC2 Instance with secrets in UserData Attribute

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

CCPA
ISO/IEC 27001
Mitre ATT&CK v12
NIST 800-171
NIST 800-53

Description

Instance metadata can be used to access user data that was specified when launching the instance. For example, a parameter can be specified for configuring the instance, or include a simple script. The user data is not protected by authentication or cryptography, and therefore, anyone with access to the instance can view it. Secrets were found for the instance {AwsEc2Instance} in the user data attribute. A malicious actor may use the secrets to compromise additional assets in the account

Recommended Mitigation

It is recommended to remove the secrets from instance metadata attribute 'UserData'. For more information please see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html#user-data-view-change

EC2 Instance with secrets in UserData Attribute

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS