๐ผ [KMS.5] KMS keys should not be publicly accessible
- Contextual name: ๐ผ [KMS.5] KMS keys should not be publicly accessible
- ID:
/frameworks/aws-fsbp-v1.0.0/kms/05 - Located in: ๐ผ Key Management Service (KMS)
Descriptionโ
Implementing least privilege access is fundamental to reducing security risk and the impact of errors or malicious intent. If the key policy for an AWS KMS key allows access from external accounts, third parties might be able to encrypt and decrypt data by using the key. This could result in an internal or external threat exfiltrating data from AWS services that use the key.
Similarโ
Sub Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|