TF 0045 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
User data for EC2 instances must not contain sensitive AWS keys
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | ec2 |
| Provider | AWS |
| Vulnerability Type | misconfiguration |
Description
Storing AWS access keys or other credentials in EC2 user data exposes them in plain text. User data is only base64-encoded, never encrypted: it is displayed in the AWS Management Console, returned by the EC2 API to any principal allowed `ec2:DescribeInstanceAttribute` (attribute `userData`) or `ec2:DescribeLaunchTemplateVersions`, and served to every process on the instance by the metadata service at `http://169.254.169.254/latest/user-data`. Because launch templates are versioned, a secret written into one version stays retrievable from that version even after it has been removed from later ones. This practice bypasses the credential mechanism AWS already provides for instances (an IAM role delivered through an instance profile) and turns a read-only EC2 permission, or an SSRF reaching the metadata service, into a credential leak.
Impact
An attacker who reads the user data (through the console or API, through the metadata service from a foothold on the instance, or from an older launch template version) obtains the keys and can act with whatever permissions they carry. Long-lived IAM user keys do not expire on their own, so the exposure persists until the keys are rotated. Depending on the policy attached to the keys this leads to unauthorized data access, resource manipulation, lateral movement into other services, or full account compromise.
Resolution
Remove all secrets from the user data generated by the launch template. Attach an IAM role through an instance profile so the instance obtains short-lived credentials from the metadata service, and have the bootstrap script fetch any application secrets it needs from AWS Secrets Manager or SSM Parameter Store using that role. Treat keys that were ever present in user data as compromised: rotate or deactivate them, and delete the launch template versions that still contain them (`aws ec2 delete-launch-template-versions`), since earlier versions remain readable after the latest one has been cleaned.
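The flagged pattern beside its remediation, as an added Terraform example written for this page (it is not code from the Symbiotic database or the rule itself). It assumes a `var.ami_id` variable, an application started by `/opt/app/start.sh`, the AWS CLI being present on the AMI, and a secret named `app/prod/config`; the key pair in the flagged template is the placeholder pair from the AWS documentation, not a real credential.

```hcl
# --- Flagged: long-lived IAM user keys baked into launch template user data ---
resource "aws_launch_template" "flagged" {
  name_prefix   = "app-"
  image_id      = var.ami_id      # assumed variable
  instance_type = "t3.micro"

  # base64encode() is encoding, not encryption. Anyone allowed
  # ec2:DescribeLaunchTemplateVersions, and any process on the instance via
  # http://169.254.169.254/latest/user-data, reads these keys back verbatim.
  user_data = base64encode(<<-EOT
    #!/bin/bash
    export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE                      # AWS docs placeholder
    export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY  # AWS docs placeholder
    /opt/app/start.sh
  EOT
  )
}

# --- Remediated: instance role + secret fetched at boot, nothing secret in user data ---
resource "aws_secretsmanager_secret" "app" {
  name = "app/prod/config" # assumed secret name; value is managed outside this template
}

resource "aws_iam_role" "app" {
  name = "app-instance-role"
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect    = "Allow"
      Principal = { Service = "ec2.amazonaws.com" }
      Action    = "sts:AssumeRole"
    }]
  })
}

# Least privilege: the role may read this one secret and nothing else.
resource "aws_iam_role_policy" "app_read_secret" {
  name = "read-app-secret"
  role = aws_iam_role.app.id
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect   = "Allow"
      Action   = "secretsmanager:GetSecretValue"
      Resource = aws_secretsmanager_secret.app.arn
    }]
  })
}

resource "aws_iam_instance_profile" "app" {
  name = "app-instance-profile"
  role = aws_iam_role.app.name
}

resource "aws_launch_template" "remediated" {
  name_prefix   = "app-"
  image_id      = var.ami_id      # assumed variable
  instance_type = "t3.micro"

  # Short-lived credentials arrive through IMDS from this role; they rotate
  # automatically and never appear in the template or its stored versions.
  iam_instance_profile {
    name = aws_iam_instance_profile.app.name
  }

  # The bootstrap script only references the secret by name; the CLI signs the
  # request with the role credentials it obtains from the metadata service.
  user_data = base64encode(<<-EOT
    #!/bin/bash
    set -euo pipefail
    aws secretsmanager get-secret-value \
      --secret-id ${aws_secretsmanager_secret.app.name} \
      --query SecretString --output text > /run/app.env
    chmod 600 /run/app.env
    /opt/app/start.sh
  EOT
  )
}
```

After switching an existing template to the remediated form, the old version that carried the keys is still returned by `aws ec2 describe-launch-template-versions`; delete it with `aws ec2 delete-launch-template-versions` and rotate the exposed keys in IAM, otherwise the cleanup only hides the problem from the latest version.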