I built a scanner that found 41 live AWS keys in 900 Terraform state files
GeorgeWoff25
17 points
2 comments
May 25, 2026
Discussion Highlights (2 comments)
Cpoll
> I kept it at 10 requests per second because I was not trying to DDoS anyone.

You can't really DDoS S3 on a $20 node.

> AWS does not tell you when your bucket is being scanned.

I wonder if that even makes sense; the "scanning" is just a single request to a public bucket, and they can't infer that the bucket isn't supposed to be public. In theory AWS could flag the IP that's sending requests to thousands of buckets.
mhitza
If the claim is true, please report them all to AWS, even if AWS closes off accounts automatically. All personal data at risk due to their incompetence at cloud engineering is too dangerous to go unaffected.