Skip to main content
__wf_reserved_inherit

AWS Keys

Description

General

  • Documentation: https://docs.aws.amazon.com/IAM/latest/APIReference/welcome.html
  • Summary: Amazon Web Services is a cloud provider. It provides computing and storage services. AWS keys allow users to programmatically manage AWS resources. As an example, one can create or delete instances using the access keys.
  • IPs allowlist: It is possible to configure IP ranges that have access to AWS resources. See more infos.
  • Scopes: One can create keys for IAM user. An IAM user is an identity that represents a person or an application. Permissions are granted to the IAM user and the access keys attached to the user will inherit the same permissions. IAM user also supports MFA for additional security. Anyone who has such an access key has unrestricted access to all the IAM account resources, possibly including billing information.

Revoke the secret

Sign in to the AWS Management Console as the AWS account root user then choose the desired account name in the navigation bar, and go to "My Security Credentials".

Expand the "Access keys" section then click on the delete button.

The difference between the delete button and the make inactive button is that disabled keys can be re-enabled later, which should not be the case here.

Check for suspicious activity

AWS CloudTrail is the service logging API calls. When enabled, the service delivers the log files to an S3 bucket.

Details for Aws iam

  • Family: Api

  • Category: Cloud Provider

  • Company: Amazon Web Services

  • High recall: True

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 174.46

  • Prefixed: True

  • PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - akia
    - abia
    - acca

Examples

- text: |
    client id =  ABIAK52LPFORPRUCRC22
    CLIENT SECRET = hjshnn5ef2a30565c4654HMSAoaz443d42swljak
  client_id: ABIAK52LPFORPRUCRC22
  client_secret: hjshnn5ef2a30565c4654HMSAoaz443d42swljak

- text: |
    client id =  AKIAX52MPYOTPRUCRC22
    +S0ugN5wv2mBHr+e7DN7dTqg4Aa6b4l5I0gDRfq9S
  client_id: AKIAX52MPYOTPRUCRC22
  client_secret: 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

- text: |
    //545084392359.signin.aws.amazon.com/console
    +
    +
    +AKIAX52MPYOTPRUCRC22
    +9rtYl+xkdUhKFuOnnUuBRlqSidexGSq5WlL+NBwu
    +
    +===========================
    +Microservices Co
  client_id: AKIAX52MPYOTPRUCRC22
  client_secret: 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

- text: |
    @@ -0,0 +1,17 @@
    +#!/bin/bash -e
    +export AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID:-AKIAIX4ONRSG6ODEFVJA}
    +export AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY:-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}
  client_id: AKIAIX4ONRSG6ODEFVJA
  client_secret: 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

Details for Aws iam sts

  • Family: Api

  • Category: Cloud Provider

  • Company: Amazon Web Services

  • High recall: True

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 3

  • Occurrences found for one million commits: 9.41

  • Prefixed: True

  • PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - yxdz
    - iqojb3jpz2lu
- type: ContentWhitelistPreValidator
  patterns:
    - asia

Examples

- text: |
    client id =  ASIAAKIAFJKR45SAWS5Z
    client secret = hjohnk4ex5l33565d4634HNKGxhz545e89cjyjad
    session = FwoGZXIvYXdzEBAaDLHxhjed4A6ABQplMyKBAd0Jzohb7hRtcvWvjWSNw5bVcn5al0jGu9Cl7W2ijDztOnmLZICjbsFBYgO7mt2J1AM9CO0nrL9qBatm9+ytKde5MXuKyzMGY6J8YDLoXU625FQKpnGXelSQxA1mYI/VOjaSa2MP4gPZsgOBjyOuiRxUKmkgYglbzl8sGYco9KWSNyjK5/aKBjIoKnYXwjdTkOt7/Bw6HMETrjPUPyHStdSfCjt4IwGvu2ox5Xo8VHAp5g==
  client_id: ASIAAKIAFJKR45SAWS5Z
  client_secret: hjohnk4ex5l33565d4634HNKGxhz545e89cjyjad
  session_token: FwoGZXIvYXdzEBAaDLHxhjed4A6ABQplMyKBAd0Jzohb7hRtcvWvjWSNw5bVcn5al0jGu9Cl7W2ijDztOnmLZICjbsFBYgO7mt2J1AM9CO0nrL9qBatm9+ytKde5MXuKyzMGY6J8YDLoXU625FQKpnGXelSQxA1mYI/VOjaSa2MP4gPZsgOBjyOuiRxUKmkgYglbzl8sGYco9KWSNyjK5/aKBjIoKnYXwjdTkOt7/Bw6HMETrjPUPyHStdSfCjt4IwGvu2ox5Xo8VHAp5g==

- text: |
    client id: ASIA2EHZ5M7JX3GAEO5M
    client_secret: 3GL1oJBt1YncTDi1R/o6i4xVcWl7y6VLtH6FC3HB
    client_token: IQoJb3JpZ2luX2VjEGoaCXVzLWVhc3QtMSJHMEUCIQCqb7eWWtTBAzf8XkcSeEWwlgu4rsfypWV4HFx4zyiiDQIgDSU8p29rr/Ys/NDlwatSB0yd+N/8rMM4qB4duzoDAHYqjAMI0///////////ARACGgw3MDg1NzAyMjk0MzkiDKRyw9a+NGM+oMI2iyrgAhYD7JTPP696aLDnFBFyJXGG5VhCD3T4DT+FYu8B/Uqa6a9ow3SqbvFbh/WuzvuiFHhXIOC+HMcqPJ0D5RBt5FRi53CTaAXu+i7JtxYGymAdpYDv1DXkiRbzxA81qBzGGzMgu8ckUw4Mic9qbosOadmTDoVxW97//st/A7XGOETEAdGqtKM3HiX/KTDwFXDjfWTAxMhKSMml4nxeZjiNkKfL9E3R/0aObNC18Ey2f03TbAJVTM9ZndcrY4rPxxi8phrV5ZJly96R+7mqCw7hYI8a2vNW5gSRwkaX938ZsxheW5iIMb0hdlHSAEI/RRAF/diEPnveWL2l+rTBartZw9QHHtI6NaN6s4391EH3j3JoloUkaKwb4fF9w9jmG87vEGeOPdDkncC1srILwqvVXeB1FGHR5KP6isYu3vvdzt0LCF6b/Pq7Cgw0CBPO/zxTSATyuTm6Ao/X2NHor+4tSaMw4IrWigY6pgHebYmvtup+YjlxOVtkSxuAtj4Juw1DoiSBIuyaNJ+5yqdZq6MMCHa96/xHL1NX28/8tBWVZ+nqb96sTHRBW73tBDHmWR/eGa9LRF4NKUjr6Ey9165aeI2+LT9vl2Nh1dWwwkLrCJRScZt1tEN0P3AtddULnWLlXjc0XvZ1HwteJMvGU1SG+0KqyOq7PqhoEQrfa6lPdcdfTUGt9nsm/8EivPdEvohU
  client_id: ASIA2EHZ5M7JX3GAEO5M
  client_secret: 3GL1oJBt1YncTDi1R/o6i4xVcWl7y6VLtH6FC3HB
  session_token: IQoJb3JpZ2luX2VjEGoaCXVzLWVhc3QtMSJHMEUCIQCqb7eWWtTBAzf8XkcSeEWwlgu4rsfypWV4HFx4zyiiDQIgDSU8p29rr/Ys/NDlwatSB0yd+N/8rMM4qB4duzoDAHYqjAMI0///////////ARACGgw3MDg1NzAyMjk0MzkiDKRyw9a+NGM+oMI2iyrgAhYD7JTPP696aLDnFBFyJXGG5VhCD3T4DT+FYu8B/Uqa6a9ow3SqbvFbh/WuzvuiFHhXIOC+HMcqPJ0D5RBt5FRi53CTaAXu+i7JtxYGymAdpYDv1DXkiRbzxA81qBzGGzMgu8ckUw4Mic9qbosOadmTDoVxW97//st/A7XGOETEAdGqtKM3HiX/KTDwFXDjfWTAxMhKSMml4nxeZjiNkKfL9E3R/0aObNC18Ey2f03TbAJVTM9ZndcrY4rPxxi8phrV5ZJly96R+7mqCw7hYI8a2vNW5gSRwkaX938ZsxheW5iIMb0hdlHSAEI/RRAF/diEPnveWL2l+rTBartZw9QHHtI6NaN6s4391EH3j3JoloUkaKwb4fF9w9jmG87vEGeOPdDkncC1srILwqvVXeB1FGHR5KP6isYu3vvdzt0LCF6b/Pq7Cgw0CBPO/zxTSATyuTm6Ao/X2NHor+4tSaMw4IrWigY6pgHebYmvtup+YjlxOVtkSxuAtj4Juw1DoiSBIuyaNJ+5yqdZq6MMCHa96/xHL1NX28/8tBWVZ+nqb96sTHRBW73tBDHmWR/eGa9LRF4NKUjr6Ey9165aeI2+LT9vl2Nh1dWwwkLrCJRScZt1tEN0P3AtddULnWLlXjc0XvZ1HwteJMvGU1SG+0KqyOq7PqhoEQrfa6lPdcdfTUGt9nsm/8EivPdEvohU

- text: |
    class BotService {
      late Map<String, dynamic> result;
      String botName = "BookAppointment";
      String kAccessKeyId = 'ASIAZWJRDCYYKA6INEEW';
      String kSecretAccessKey = 'kOqmb4VZie3cilEqYPgROZzVl5qiQOV+WJH86zwR';
      String sessionToken = 'IQoJb3JpZ2luX2VjEDoaCXVzLWVhc3QtMiJIMEYCIQDQh4gelDqno96q39RwiPT5x7K7SyVOSmeDpUMd9SthWAIhAP5tT81Cb+Rb2zN85delmYB4KECmW1uL7Tr36C/M2GaJKr0DCKP//////////wEQARoMNjY2MzU5NzY0NTI4Igyu9F2yAqZN3dG0q9YqkQMVrg/4mCJjDxg0QmplU581Z2P8LGhGfr9vgei6SaONhhfks5Kt9Ikbh61G9UiQ3SXgPLbHjOfTUueaIIcBz1Y3LcW+WajtfsGfB8CqT76lkJLtkvl+1KjSCVn6k+/K/iWgr3Zc1Ej+qT2djTH4x1OWFNS6i6iCtlUy/Z6i3P2fziHGsEmafkH3ict+07dFb3DA2aRnUhnaCHfQDNd/5ub70oILwB4UgtgGNkbM9SE/NxKgPZY9qIktYifqcgfDyYMYHlvY9XEc0UT2jfaQKDYVgMCdsdsW5mkoBYzLRisQhKxjfwaBpkRtdW8dEHFAG04eV4JSAbOSat3bgUwahATGizOdsMz/qhnS9qzShQGgSR6OU6pDDUtuHCGh0sgwrjsZ+bGDfzkw5Sy3JhjQpozfinCsAmDZ1t3nX6llw9OR9B2mdDHCeccsWGwjIvmprs21FtgjDuKGzaAET6HgQAR+pkFUgxBWVmZArtck1ziG21FEN8pFR75rOgxSkQ3yEZeDZkIIZ/aJnABGvbC3Fbq9ATD6ycuKBjqlAaGPeFKzdCR1dBh4sHQVHejXNegWWZV72n4MLyZx2FE9wLUfPGXXW+pYZg4SySvN0Z4OnGoYdlO/pjKvdRa507mSD8N8EhkwgpJMatFobJb0hsz7GY5flutVSkDfBDYkU91vpl7YCJ5rlvuR0I6iWe+K7smYj5hzm16YokWsRQ4EeWHo0peEJuqTZrZt/U4gHVsFpG44V8Yb6iRdZL78E+5xcgjeFw==';
    }

  client_id: ASIAZWJRDCYYKA6INEEW
  client_secret: kOqmb4VZie3cilEqYPgROZzVl5qiQOV+WJH86zwR
  session_token: IQoJb3JpZ2luX2VjEDoaCXVzLWVhc3QtMiJIMEYCIQDQh4gelDqno96q39RwiPT5x7K7SyVOSmeDpUMd9SthWAIhAP5tT81Cb+Rb2zN85delmYB4KECmW1uL7Tr36C/M2GaJKr0DCKP//////////wEQARoMNjY2MzU5NzY0NTI4Igyu9F2yAqZN3dG0q9YqkQMVrg/4mCJjDxg0QmplU581Z2P8LGhGfr9vgei6SaONhhfks5Kt9Ikbh61G9UiQ3SXgPLbHjOfTUueaIIcBz1Y3LcW+WajtfsGfB8CqT76lkJLtkvl+1KjSCVn6k+/K/iWgr3Zc1Ej+qT2djTH4x1OWFNS6i6iCtlUy/Z6i3P2fziHGsEmafkH3ict+07dFb3DA2aRnUhnaCHfQDNd/5ub70oILwB4UgtgGNkbM9SE/NxKgPZY9qIktYifqcgfDyYMYHlvY9XEc0UT2jfaQKDYVgMCdsdsW5mkoBYzLRisQhKxjfwaBpkRtdW8dEHFAG04eV4JSAbOSat3bgUwahATGizOdsMz/qhnS9qzShQGgSR6OU6pDDUtuHCGh0sgwrjsZ+bGDfzkw5Sy3JhjQpozfinCsAmDZ1t3nX6llw9OR9B2mdDHCeccsWGwjIvmprs21FtgjDuKGzaAET6HgQAR+pkFUgxBWVmZArtck1ziG21FEN8pFR75rOgxSkQ3yEZeDZkIIZ/aJnABGvbC3Fbq9ATD6ycuKBjqlAaGPeFKzdCR1dBh4sHQVHejXNegWWZV72n4MLyZx2FE9wLUfPGXXW+pYZg4SySvN0Z4OnGoYdlO/pjKvdRa507mSD8N8EhkwgpJMatFobJb0hsz7GY5flutVSkDfBDYkU91vpl7YCJ5rlvuR0I6iWe+K7smYj5hzm16YokWsRQ4EeWHo0peEJuqTZrZt/U4gHVsFpG44V8Yb6iRdZL78E+5xcgjeFw==
__wf_reserved_inherit__wf_reserved_inherit

Something we didn’t cover?

__wf_reserved_inherit

See our Roadmap

__wf_reserved_inherit

Subscribe on GitHub

__wf_reserved_inherit

Submit a request

__wf_reserved_inherit

API status