Suspicious activity

Exposed AWS key

Risk Level

Imminent Compromised (2)



Orca detected an AWS key was exposed. AWS proactively monitors popular code repository sites for exposed AWS Identity and Access Management (IAM) access keys. On detection of an exposed IAM access key, a policy named 'AWSExposedCredentialPolicy_DO_NOT_REMOVE' is assigned to the IAM user in order to notify on the leaked access key.
  • Recommended Mitigation

    It is recommended to rotate the exposed AWS access key immediately and review the activity of the user's leaked access key.