When using AWS API Gateway you can use the AWS Lambda authorizer for HTTP APIs to authorize the requests. In this blog I will show you how to validate a JWT token signed with KMS in a Lambda using the Golang runtime....
In the past it was very common to use AWS credentials (access token and secret) in your GitHub actions pipeline. This poses a security risk because most of the time these AWS credentials are long-lived credentials with a lot of permissions....
I have seen a lot AWS environments and noticed that it is very common that companies use AWS IAM users to log in and access the API. This can cause security issues and is time-consuming to manage but is very easy to improve by setting up AWS IAM Identity Center (Successor to AWS Single Sign-On)....
So you leaked your AWS credentials onto the world wide web, and you are wondering what to do to minimize the damage. There are multiple steps that should be taken, but I do think that the order of these steps matter....
I heard multiple times that AWS scans public GitHub repositories for AWS credentials and informs its users of the leaked credentials. So I am curious to see this for myself, so I decided to intentionally leak AWS credentials to a Public GitHub repository....
