Skip to content

ACL Permissions over Secret

Many identities can read a secret, Many identities can modify a secret

Description

Limiting access to vault-stored secrets is vital for security. Fewer users reduce breach risks and non-compliance, making security management easier. Use SailPoint Entro’s activity tracking to analyze identities accessing this secret effectively.

Risk triggers

  • Any secret that can be accessed by more than 5 unique non-admin identities, will trigger this risk.

Mitigation

Permissions targeting a secret to be reduced

Create granular policies that only allow fetching secrets relevant to their use to eliminate unnecessary permissions applied to your secrets.