AWS > IAM >

Canary Keys Used

CRITICAL

Source

CloudSploit

canary-keys-used

management console

Canary Keys Used

Detects when a special canary-token access key has been used

Canary access keys can be created with limited permissions and then used to detect when a potential breach occurs.

Recommended Actions

Create a canary access token and provide its user to CloudSploit. If CloudSploit detects that the account is in use, it will trigger a failure.

Links

https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.