AWS-KMS-KMS-Key-Policy
- naveen
Owned by naveen
Dec 06, 2021
1 min read
Loading data...
Severity : Medium
Description : KMS key policies should be designed to limit the number of users who can perform encrypt and decrypt operations. Each application should use its own key to avoid over exposure.
Remediation Steps : Modify the KMS key policy to remove any wildcards and limit the number of users and roles that can perform encrypt and decrypt operations using the key.
Blue Hexagon Proprietary