Hacker News new | ask | show | jobs
by projectramo 1737 days ago
My biggest mistake: years ago I ended pushing personal credentials to GitHub at night and waking up to a several thousand dollar bill in the morning.

Changed credentials and cancelled all the running instances only to find that I’d missed some.

It was resolved by the afternoon.
1 comments
judge2020 1737 days ago
Thankfully GitHub now runs secret scanning and AWS is a partner. If you did this today AWS will revoke the key before malicious scanners find it.

https://docs.github.com/en/code-security/secret-scanning/abo...

link