This repo scans pypi, rubygems and hexpm for AWS keys

Overview

What is this?

This is a project to try to detect any AWS access keys that are accidentally uploaded to the Python Package Index (PyPi).

New uploads are scanned periodically, and if a valid key is detected then it is added to this repository under the keys directory. This will then notify AWS (via Github secret scanning) which will cause AWS to secure your key.

What's wrong with adding IAM credentials into code?

It can lead to anyone using these to perform potentially malicious actions on your account. See the AWS best practices document for more details.

How does it work?

This is a proof-of-concept that uses github actions to run a rust tool every hour. The main.rs file has a pretty good overview of the process and how it all works.

What happens when my key is added?

AWS will notify you via an email and apply the QuarantineV2 IAM policy onto the leaked key.

You might also like...
Rusoto is an AWS SDK for Rust
Rusoto is an AWS SDK for Rust

Rusoto is an AWS SDK for Rust You may be looking for: An overview of Rusoto AWS services supported by Rusoto API documentation Getting help with Rusot

Simple fake AWS Cognito User Pool API server for development.

Fakey Cognito 🏑 Homepage Simple fake AWS Cognito API server for development. βœ… Implemented features AdminXxx on User Pools API. Get Started # run wit

Postgres proxy which allows tools that don't natively supports IAM auth to connect to AWS RDS instances.

rds-iamauth-proxy rds-proxy lets you make use of IAM-based authentication to AWS RDS instances from tools that don't natively support that method of a

A tool to run web applications on AWS Lambda without changing code.
A tool to run web applications on AWS Lambda without changing code.

AWS Lambda Adapter A tool to run web applications on AWS Lambda without changing code. How does it work? AWS Lambda Adapter supports AWS Lambda functi

πŸ“¦ πŸš€ a smooth-talking smuggler of Rust HTTP functions into AWS lambda
πŸ“¦ πŸš€ a smooth-talking smuggler of Rust HTTP functions into AWS lambda

lando 🚧 maintenance mode ahead 🚧 As of this announcement AWS not officialy supports Rust through this project. As mentioned below this projects goal

Ref Arch: Serverless GraphQL in Rust on AWS
Ref Arch: Serverless GraphQL in Rust on AWS

A Whole Hog Reference Architecture for an Apollo Federation-Ready, Serverless, Rust-Based GraphQL Microservice on AWS using Cloud Development Kit (CDK)

cargo-lambda a Cargo subcommand to help you work with AWS Lambda

cargo-lambda cargo-lambda is a Cargo subcommand to help you work with AWS Lambda. This subcommand compiles AWS Lambda functions natively and produces

cargo-lambda is a Cargo subcommand to help you work with AWS Lambda.

cargo-lambda cargo-lambda is a Cargo subcommand to help you work with AWS Lambda. The new subcommand creates a basic Rust package from a well defined

A Rust runtime for AWS Lambda

Rust Runtime for AWS Lambda This package makes it easy to run AWS Lambda Functions written in Rust. This workspace includes multiple crates: lambda-ru

Comments
  • Scan for other key types?

    Scan for other key types?

    This is fantastic! It's a huge service to the community (and frankly, the world).

    How hard do you think it'd be to extend to cover other key types? I'm not quite sure what the next highest priority would be, but based on the number of key types Github's Secret Scanning supports, there's a lot of other stuff people accidentally ship :-(

    opened by alex 2
Owner
Tom Forbes
Django person living and working in London.
Tom Forbes
Rs.aws-login - A command line utility to simplify logging into AWS services.

aws-login A command line utility to simplify logging into AWS accounts and services. $ aws-login use ? Please select a profile to use: β€Ί ❯ dev-read

Kevin Herrera 11 Oct 30, 2022
This repo is a sample video search app using AWS services.

Video Search This repo is a sample video search app using AWS services. You can check the demo on this link. Features Transcribing Video and generate

AWS Samples 8 Jan 5, 2023
Easy switch between AWS Profiles and Regions

AWSP - CLI To Manage your AWS Profiles! AWSP provides an interactive terminal to interact with your AWS Profiles. The aim of this project is to make i

KubeOps Skills 14 Dec 25, 2022
Cookiecutter templates for Serverless applications using AWS SAM and the Rust programming language.

Cookiecutter SAM template for Lambda functions in Rust This is a Cookiecutter template to create a serverless application based on the Serverless Appl

AWS Samples 24 Nov 11, 2022
A lightweight distributed message queue. Like AWS SQS and RSMQ but on Postgres.

Postgres Message Queue (PGMQ) A lightweight distributed message queue. Like AWS SQS and RSMQ but on Postgres. Features Lightweight - Built with Rust a

Tembo 15 Jul 25, 2023
A simple workshop to learn how to write, test and deploy AWS Lambda functions using the Rust programming language

Rust Lambda Workshop Material to host a workshop on how to build and deploy Rust Lambda functions with AWS SAM and Cargo Lambda. Intro What is Serverl

Luciano Mammino 13 Mar 28, 2024
A small utility for tracking the change in opening and closing of issues in a GitHub repo

A small utility for tracking the change in opening and closing of issues in a GitHub repo. This tool can be used to build visualizations for issue triage over time with the hope of motivating closing more issues than are opened.

Ryan Levick 12 Sep 29, 2021
Repo for Monaco, a DCA engine for Solana. Built on Solend and lending protocols (Jet, Solend, Port, etc...)

Monaco Monaco is a DCA protocol for solana built on top of Serum and compatible with any program that implements or extends the instruction interface

Rohan Kapur 19 Apr 13, 2022
Remote Secret Editor for AWS Secret Manager

Barberousse - Remote Secrets Editor About Usage Options Printing Editing Copying RoadMap 1.0 1.1 Future About A project aimed to avoid downloading sec

Mohamed Zenadi 18 Sep 28, 2021
Rust client for AWS Infinidash service.

AWS Infinidash - Fully featured Rust client Fully featured AWS Infinidash client for Rust applications. You can use the AWS Infinidash client to make

Rafael CarΓ­cio 15 Feb 12, 2022