Join us

What happens when you leak AWS credentials and how AWS minimizes the damage

@faun ・ May 02,2023

AWS scans public GitHub repositories for leaked AWS credentials and alerts the user. The author intentionally leaked AWS credentials to a public GitHub repository to see what would happen.

AWS quickly added the "AWSCompromisedKeyQuarantineV2" policy to the IAM user account and informed the user via email of the leak.
AWS attaches the policy and informs the user within minutes of the leak, likely using GitHub's "Secrets Scanning" service and "Secret scanning alerts for partners".
Malicious actors scan public GitHub repositories constantly for leaked credentials using automated tools.
AWS recommends preventing the leaking of credentials by running a pre-commit locally scanning for secrets, adding a secret scanner in your CI/CD pipeline, and using GitHub Secrets Scanning for users.

Let's keep in touch!

Stay updated with my latest posts and news. I share insights, updates, and exclusive content.

Unsubscribe anytime. By subscribing, you share your email with @faun and accept our Terms & Privacy.

Give a Pawfive to this post!

Only registered users can post comments. Please, login or signup.

Share with your friends and followers

Start writing about what excites you in tech — connect with developers, grow your voice, and get rewarded.

Join other developers and claim your FAUN.dev() account now!

Publish your first story!

The FAUN

FAUN.dev()

@faun

The FAUN watches over the forest of developers. It roams between Kubernetes clusters, code caves, AI trails, and cloud canopies, gathering the signals that matter and clearing out the noise.