Suspicious activity

Exposed aws access key was used in attempt to run EC2 instance

Risk Level

Informational (4)

Platform(s)

  • N/A

Description

It has been found that an exposed aws access key was used in attempt to run EC2 instance. AWS proactively monitors popular code repository sites for exposed AWS Identity and Access Management (IAM) access keys. On detection of an exposed IAM access key, a policy named 'AWSExposedCredentialPolicy_DO_NOT_REMOVE' is assigned to the IAM user in order to notify on the leaked access key.

  • Recommended Mitigation

    It is recommended to rotate the exposed aws access key immediately and to review if the run instance is a legitimate action.

Need help?

Get a free Security Risk Assessment. Start today

Orca Security Demo Demo the Orca Platform-> In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.