I hereby claim:
- I am weedpatch2 on github.
- I am weedpatch2 (https://keybase.io/weedpatch2) on keybase.
- I have a public key whose fingerprint is FD63 D51E ABB5 B5E2 B20D C013 70B4 BB87 B439 960E
To claim this, I am signing this object:
weedpatch2
weedpatch2
/ AWS access key grep
Created
April 24, 2021 22:22
— forked from hsuh/AWS access key grep
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| url - https://aws.amazon.com/blogs/security/a-safer-way-to-distribute-aws-credentials-to-ec2/ | |
| Finding hard-coded credentials in your code | |
| Hopefully you’re excited about deploying credentials to EC2 that are automatically rotated. Now that you’re using Roles, a good security practice would be to go through your code and remove any references to AKID/Secret. We suggest running the following regular expressions against your code base: | |
| Search for access key IDs: (?<![A-Z0-9])[A-Z0-9]{20}(?![A-Z0-9]). In English, this regular expression says: Find me 20-character, uppercase, alphanumeric strings that don’t have any uppercase, alphanumeric characters immediately before or after. | |
| Search for secret access keys: (?<![A-Za-z0-9/+=])[A-Za-z0-9/+=]{40}(?![A-Za-z0-9/+=]). In English, this regular expression says: Find me 40-character, base-64 strings that don’t have any base 64 characters immediately before or after. | |
| If grep is your preferred tool, run a recursive, Perl-compatible search using the following commands |