
Information Disclosure: AWS Config Exposure

Identifier: aws_config_exposure

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner, ASM Scanner

Description

AWS configuration files may be accidentally exposed, potentially revealing secrets such as access keys and other sensitive details about the AWS setup, which could allow attackers to gain unauthorized access to cloud resources.

How we test: We scan for exposed AWS configuration files such as /.aws/config or /.aws/credentials that may be accessible via web servers. We check if these files contain sensitive information like access keys, secret keys, or other AWS credentials that should not be publicly accessible.
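
One way to implement the content check described above, as an added example (not the scanner's own code): it parses a response body already fetched from one of these paths as an AWS shared credentials/config file and reports only redacted findings. The names `inspect_body`, `redact` and `VALIDATORS`, and the value-shape heuristics, are assumptions of this example.

```python
import configparser
import re

# Heuristic value shapes (assumptions of this example, not the scanner's rules).
VALIDATORS = {
    "aws_access_key_id": re.compile(r"(AKIA|ASIA)[A-Z0-9]{16}"),
    "aws_secret_access_key": re.compile(r"[A-Za-z0-9/+]{40}"),
    "aws_session_token": re.compile(r"[A-Za-z0-9/+=]{16,}"),
}

# Constructed sample bodies; key values are AWS's documentation placeholders.
CREDENTIALS = """[default]
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
"""
CONFIG_ONLY = "[profile dev]\nregion = eu-west-1\noutput = json\n"
SOFT_404 = "<html><body>Not found: /.aws/credentials</body></html>"


def redact(value):
    """Keep the first four characters so a report never stores the secret."""
    return value[:4] + "*" * (len(value) - 4)


def inspect_body(path, body):
    """Return (path, profile, key, redacted_value) for each credential found.

    An empty list means the body is not an AWS credentials/config file that
    holds secrets (for example a soft-404 page or a region-only config).
    """
    # interpolation=None: secrets may contain '%'; strict=False: tolerate
    # duplicated profiles instead of raising.
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    try:
        parser.read_string(body)
    except configparser.Error:
        return []  # HTML, JSON and other non-INI bodies end up here
    findings = []
    for profile in parser.sections():
        for key, value in parser.items(profile):
            pattern = VALIDATORS.get(key)  # option names are lower-cased
            if pattern and pattern.fullmatch(value):
                findings.append((path, profile, key, redact(value)))
    return findings
```

Requiring both a parseable INI structure and a plausible value shape keeps custom error pages that merely echo the requested path from being reported as exposures.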

Configuration

Example

Example configuration:

---
security_tests:
  aws_config_exposure:
    skip: false

Reference

skip

Type: boolean

Skip the test if true.