Property
Language: hcl
Severity: low
CWE: CWE-284: Improper Access Control
OWASP: A05:2017 - Broken Access Control
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

The KMS key resource does not have ‘prevent_destroy’ enabled, which means keys can be deleted without safeguards. This makes it easy for users or automated processes to accidentally or intentionally remove critical encryption keys.

Impact

If a KMS key is deleted, all data encrypted with that key can become permanently inaccessible, leading to data loss or service outages. Attackers or misconfigured automation could exploit this to disrupt operations or cause irrecoverable loss of sensitive information.
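
The finding and its fix, shown side by side as an added example (not taken from the rule's own test cases). The page does not name a provider, so the AWS `aws_kms_key` resource, the resource names and the descriptions are assumptions made for illustration.

```hcl
# Flagged: no lifecycle guard. A `terraform destroy`, or a plan that
# replaces this resource, is allowed to schedule the key for deletion.
resource "aws_kms_key" "unprotected" {
  description         = "Constructed example: key without a destroy guard"
  enable_key_rotation = true
}

# Corrected: Terraform rejects any plan that would destroy this key.
resource "aws_kms_key" "protected" {
  description         = "Constructed example: key with a destroy guard"
  enable_key_rotation = true

  # Longest waiting period AWS allows before a scheduled deletion
  # becomes final, leaving time to cancel a deletion made outside Terraform.
  deletion_window_in_days = 30

  lifecycle {
    prevent_destroy = true
  }
}
```

`prevent_destroy` only makes Terraform refuse a plan that destroys the resource; it does not block deletion through the provider's console or API, so key-deletion permissions still need to be restricted there. The guard is also lost if the whole resource block is removed from the configuration, which makes such removals worth catching in code review.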