Too Many Entities Are Fetching the Same Secret
Ecosystem support
-
AWS Secrets Manager
-
Azure Key Vault
-
GCP Secrets Manager
Description
When a secret is accessed by too many entities, it increases the risk of it being leaked or compromised. It's critical to limit access to sensitive information to only those who absolutely need it. This helps to maintain the confidentiality and integrity of the information, ensuring that it is not misused or disclosed to unauthorized parties. For better granular control, create a unique secret for each type of application.
Detection triggers
- 4 or more identities retrieve the same secret
Mitigation
Secret Is Overused, Create Additional Secret
Divide overused secrets among these different workloads by creating additional secrets.