Certified Security - Specialty

Sign Up Free or Log In to participate!

Lesson: I’ve Leaked My Keys On Github Accidentally

There is actually a lot more steps than just disabling the access key creds of the compromised account as mentioned in the lesson. 


In fact, as mentioned by AWS: "Rotating the credentials for the IAM user whose credentials were exposed will not invalidate any temporary credentials that were obtained using the user’s credentials. However, if it’s practical for you to delete the IAM user, do that. This causes authentication attempts for temporary credentials associated with that user to fail." 

Please add the necessary info in the lesson, as its totally incomplete and does not reflect what AWS advises.

0 Answers

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?