- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Ensure that no known compromised IAM users are present in your AWS account. When AWS identifies compromised AWS IAM user credentials, it attaches the managed policy AWSCompromisedKeyQuarantineV2 that blocks commonly abused actions, and typically opens a support case. When this happens, it’s important to make sure that the user is removed, or its credentials are disabled.
Note: This rule only triggers if the IAM user has active programmatic credentials.
Follow the Rotating access keys AWS documentation to disable the compromised access key, and create a new one. You can also follow the AWS incident response playbook and the AWS incident response guide to assess the impact of the compromised credentials.