Ability to create, manage, list and delete long-term credentials such as access keys and service account keys.
Identity / IAM / Capabilities / DEV
Long-Term Credentials
CCC.IAM.CP03
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.IAM.TH01 | Valid Cloud Credentials Abuse | Valid identity credentials such as access keys, tokens or passwords are misused or compromised. Examples include public exposure, token theft, unprotected metadata service of a compromised compute instance or brute-force attacks. The use of these credentials can provide unauthorized access to the cloud environment, potentially bypassing other security controls and enabling lateral movement across cloud resources. |
| CCC.IAM.TH04 | Additional Cloud Credentials Creation | An adversary with access to a sufficiently privileged cloud account may create additional credentials such as access keys, service accounts and temporary credentials to establish persistance or elevate their privileges. |
| CCC.IAM.TH09 | Long-Lived Static Credentials | Long-lived static credentials such as access keys for an identity are used and not rotated periodically according to security best practices, extending exposure in the event of credentials compromise. |
| CCC.IAM.TH11 | Unused Credentials | Unused IAM identity that is no longer needed or monitored remains active. Its compromise is less likely to be detected, and it represents a persistent, unnecessary attack surface. |