DEV Community

How to Stop Leaking AWS Keys to GitHub (And What to Do When You Already Did) (opens in new tab)

Covers Using tools written in Rust in CIDiscussed on DEV

The 2 AM Phone Call Nobody Wants Last year I got pulled into an incident at a previous gig. A junior engineer had pushed a .env file to a public repo. Within 11 minutes, automated scanners had grabbed the AWS access keys and started spinning up GPU instances for crypto mining. By the time we rotated credentials, the bill was already four figures. This stuff happens constantly. The recent news cycle around government cloud keys ending up in public GitHub repos isn't unique — it's just the late...

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help