This repository is home to the Operations Engineering's tools and utilities for managing, monitoring, and optimising software development processes at the Ministry of Justice. • This repository is defined and managed in Terraform
This story is to create a runbook for the team of the steps to take if an AWS credential is exposed. Here is an example of a previous incident where an accidental AWS credentials disclosure on 2020-12-18. Jake Mulley ran through the following procedure:
1 .The access keys were deleted
2 CloudTrail shows no activity after 16:43 UK time with those keys
I've attached a policy to Daniel's user to deny any actions using a
temporary token from before 17:30 GMT on 17th December 2020
I'll keep an eye on the billing for that account & will work my way
through any new IAM users, policies, etc. that were created after
16:30 UK time today.
We should document these steps that we would run through generically and add to our runbooks site.
Background
First part of #77
This story is to create a runbook for the team of the steps to take if an AWS credential is exposed. Here is an example of a previous incident where an accidental AWS credentials disclosure on 2020-12-18. Jake Mulley ran through the following procedure:
1 .The access keys were deleted 2 CloudTrail shows no activity after 16:43 UK time with those keys
We should document these steps that we would run through generically and add to our runbooks site.
Definition of done