More and more providers have been adding unique prefixes to their tokens and access keys, which makes detection much easier. E.g., GitLab adds `glpat-` to their PAT.
A project I maintain, Gitleaks, can easily detect "unique" secrets and does a pretty good job at detecting "generic" secrets too. In this case, the generic gitleaks rule would have caught the secrets [1]. You can see the full rule definition here [2] and how the rule is constructed here [3].
[1] https://regex101.com/r/CLg9TK/1
[2] https://github.com/zricethezav/gitleaks/blob/master/config/g...
[3] https://github.com/zricethezav/gitleaks/blob/master/cmd/gene...
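Added example, not part of the comment above and not Gitleaks' own rules: the two detection styles the comment contrasts, a prefix rule for `glpat-` tokens and a keyword-plus-entropy rule for "generic" secrets. The 20-character token body, the keyword list, the 3.5-bit entropy threshold and the sample lines are assumptions made for illustration.

```python
import math
import re
from collections import Counter

# Assumed format: "glpat-" plus 20 characters from [0-9A-Za-z_-].
PREFIXED = re.compile(r"(?<![0-9A-Za-z_-])glpat-[0-9A-Za-z_-]{20}(?![0-9A-Za-z_-])")

# Illustrative generic rule: a secret-looking identifier, an assignment,
# then a value of 16+ characters. Not the Gitleaks rule definition.
GENERIC = re.compile(
    r"(?i)[\w.-]*(?:key|secret|token|passw(?:or)?d|auth)[\w.-]*"
    r"\s*[:=]\s*[\"']?([0-9A-Za-z_\-+/=]{16,})[\"']?"
)

# Constructed sample input; none of these values are real credentials.
SAMPLE = """\
GITLAB_TOKEN=glpat-Ab3dEf6hIj9kLmN2pQrS
db_password = "aaaaaaaaaaaaaaaaaaaa"
api_secret: "q7Rz2LmX9vKp4TbW8nYc"
comment = "see glpat docs for token format"
"""

def shannon_entropy(s):
    """Bits per character; low values indicate placeholders or repeats."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def scan(text, min_entropy=3.5):
    """Return (line_number, rule, value) for each suspected secret."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        # Prefix rule: the provider prefix alone is strong evidence.
        hits = {m.group(0) for m in PREFIXED.finditer(line)}
        findings += [(no, "gitlab-pat", h) for h in sorted(hits)]
        # Generic rule: needs the entropy filter to drop dummy values.
        for m in GENERIC.finditer(line):
            value = m.group(1)
            if value in hits:
                continue  # already reported by the more specific rule
            if shannon_entropy(value) >= min_entropy:
                findings.append((no, "generic", value))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

The prefix rule needs no entropy check, while the generic rule relies on one to skip the repeated-character password on line 2 of the sample.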
For my dev machine's interactions with AWS, I use https://github.com/99designs/aws-vault
You add the long-lived secret to it and it stores it in password-protected storage (macOS keychain or similar).
Then you invoke aws-vault with an IAM role and command, and it will handle obtaining short-lived credentials scoped to that role (including TOTP 2-factor code auth), and then run the command with those temporary credentials as env vars.
With the right AWS permissions on your user, it can also automatically rotate the IAM user API keys for you.
Depending on your IdP there are a few tools in addition to AWS CLI v2 that work well in this space.
aws-vault is one of them, though out of support now, aws-okta [1] is another.
[1] https://github.com/segmentio/aws-okta
A different instance may work for you: https://github.com/zedeus/nitter/wiki/Instances
I knew there'd be someone from the Netherlands to elaborate!
I actually saw the fact pointed out in a comment—it's brought up surprisingly often here. Even a fairly narrow query finds many comments https://hn.algolia.com/?query=netherlands%20religion%20nazi&...