Description

It was found that {AwsKmsKey} is exposed. A master key is considered exposed when one of the statements in the key policy contain 'AWS: *'. Ensure Amazon KMS master keys are not exposed to everyone.
  • Recommended Mitigation

    It is recommended to restrict KMS master keys access according to the least privileges principal. By being public, the master key is exposed to enumeration and stealing attempts.