Base64 AWS keys
Description
General
- Documentation: https://docs.aws.amazon.com/IAM/latest/APIReference/welcome.html
- Summary: Amazon Web Services is a cloud provider. It provides computing and storage services. AWS keys allow users to programmatically manage AWS resources. As an example, one can create or delete instances using the access keys. This detector will detect AWS keys encoded in base64.
Revoke the secret
Sign in to the AWS Management Console as the AWS account root user then choose the desired account name in the navigation bar, and go to "My Security Credentials".
Expand the "Access keys" section then click on the delete button.
The difference between the delete button and the make inactive button is that disabled keys can be re-enabled later, which should not be the case here.
Details for Base64 AWS Keys
-
Family: credentials
-
Category: cloud_provider
-
Company: Amazon Web Services
-
High recall: True
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 2
-
Occurrences found for one million commits: 2.6
-
Prefixed: True