Scan your cloud keys for leaks in open code

The scenario regularly searches public repos for your cloud access keys and, on a leak, sends an alert to botHelp.

  • Checks every active key
  • Searches for them in open code
  • Alert to botHelp on a leak
  • Can disable a key when found

How it works

To get botHelp notifications in , you don't need a developer: a ready-made scenario watches events and sends messages for you.

  1. Starts when: When clicking ‘Execute workflow’
  2. Then: List AWS Users1
  3. Then: Extract AWS Usernames
  4. Check: Split Users for Processing
  5. Then: Get User Access Keys
  6. Check: Filter Active Keys Only
  7. If yes: Prepare Github Search
  8. Then: Rate Limit Wait
  9. Then: Search GitHub for Exposed Keys
  10. Then: Aggregate Search Results
  11. Check: Check For Compromised Keys
  12. If yes: Generate Security Report
  13. Then: Format Slack Alert
  14. Then: Slack
  15. Then: Disable Access Keys

You can launch this integration in Scriptera: describe the task in plain words — the scenario is built, launched and monitored for you.