Workload misconfigurations

EC2 Instance with secrets in UserData Attribute


Instance metadata can be used to access user data that was specified when launching the instance. For example, a parameter can be specified for configuring the instance, or include a simple script. The user data is not protected by authentication or cryptography, and therefore, anyone with access to the instance can view it. Secrets were found for the instance {AwsEc2Instance} in the user data attribute. A malicious actor may use the secrets to compromise additional assets in the account
  • Recommended Mitigation

    It is recommended to remove the secrets from instance metadata attribute 'UserData'. For more information please see <a href="" target="_blank" rel="noopener noreferrer"></a>