Secrets Manager Unrestricted Access

Tenacity Id

Risk Level

Categories

secrets-manager-002

3

Last Updated:

April 21, 2022

AWS Secrets Manager resource policy is disabled. Secrets Manager resource based policies are used to control access to a secret. A resource-based policy enables you to grant access to principals from different accounts as well as restrict it to only specific users. Secrets Manager policy should restrict secret access to particular users.