This repo scans pypi, rubygems and hexpm for AWS keys

Last update: Jan 28, 2023

Related tags

Overview

What is this?

This is a project to try to detect any AWS access keys that are accidentally uploaded to the Python Package Index (PyPi).

New uploads are scanned periodically, and if a valid key is detected then it is added to this repository under the keys directory. This will then notify AWS (via Github secret scanning) which will cause AWS to secure your key.

What's wrong with adding IAM credentials into code?

It can lead to anyone using these to perform potentially malicious actions on your account. See the AWS best practices document for more details.

How does it work?

This is a proof-of-concept that uses github actions to run a rust tool every hour. The main.rs file has a pretty good overview of the process and how it all works.

What happens when my key is added?

AWS will notify you via an email and apply the QuarantineV2 IAM policy onto the leaked key.

Simple fake AWS Cognito User Pool API server for development.

Fakey Cognito 🏡 Homepage Simple fake AWS Cognito API server for development. ✅ Implemented features AdminXxx on User Pools API. Get Started # run wit

4 Aug 30, 2022

Postgres proxy which allows tools that don't natively supports IAM auth to connect to AWS RDS instances.

rds-iamauth-proxy rds-proxy lets you make use of IAM-based authentication to AWS RDS instances from tools that don't natively support that method of a

10 Nov 7, 2022

A tool to run web applications on AWS Lambda without changing code.

AWS Lambda Adapter A tool to run web applications on AWS Lambda without changing code. How does it work? AWS Lambda Adapter supports AWS Lambda functi

321 Jan 2, 2023

📦 🚀 a smooth-talking smuggler of Rust HTTP functions into AWS lambda

lando 🚧 maintenance mode ahead 🚧 As of this announcement AWS not officialy supports Rust through this project. As mentioned below this projects goal

68 Dec 7, 2021

Ref Arch: Serverless GraphQL in Rust on AWS

A Whole Hog Reference Architecture for an Apollo Federation-Ready, Serverless, Rust-Based GraphQL Microservice on AWS using Cloud Development Kit (CDK)

3 Jan 12, 2022

cargo-lambda a Cargo subcommand to help you work with AWS Lambda

cargo-lambda cargo-lambda is a Cargo subcommand to help you work with AWS Lambda. This subcommand compiles AWS Lambda functions natively and produces

184 Jan 5, 2023

cargo-lambda is a Cargo subcommand to help you work with AWS Lambda.

cargo-lambda cargo-lambda is a Cargo subcommand to help you work with AWS Lambda. The new subcommand creates a basic Rust package from a well defined

184 Jan 5, 2023

A Rust runtime for AWS Lambda

Rust Runtime for AWS Lambda This package makes it easy to run AWS Lambda Functions written in Rust. This workspace includes multiple crates: lambda-ru

2.4k Dec 29, 2022

Managing schema for AWS Athena in GitOps-style

athena-rs Managing AWS Athena Schemas Installation $ cargo install --git https://github.com/duyet/athena-rs $ athena --help athena 0.1.0 Duyet me@du

3 Sep 25, 2022

Comments

Scan for other key types?

This is fantastic! It's a huge service to the community (and frankly, the world).

How hard do you think it'd be to extend to cover other key types? I'm not quite sure what the next highest priority would be, but based on the number of key types Github's Secret Scanning supports, there's a lot of other stuff people accidentally ship :-(

opened by alex 2