Closed jameshadfield closed 2 months ago
+1 for removing. Out of curiosity, I tested which IAM user it is with 836edc6a359f6df480853d4dbdde74dff9ed4dec (apparently I also checked 2 years ago):
{
"UserId": "AIDA4BL5UZTAVYVAS2CPU",
"Account": "82758158252[9](https://github.com/nextstrain/nextstrain.org/actions/runs/8639540697/job/23686030220#step:2:10)",
"Arn": "arn:aws:iam::827581582529:user/github-actions-nextstrain-data"
}
I think we can remove the user github-actions-nextstrain-data and the group nextstrain-data (the user is the only member of this group).
I think we can remove
Agreed. It's friday here, so I'll pick this up on monday morning so I can monitor if anything unexpected happens.
Just deleted them from AWS IAM as part of https://github.com/nextstrain/private/issues/104
Deleted AWS_ACCESS_KEY_ID
and AWS_SECRET_ACCESS_KEY
from repository secrets
[2 weeks ago] It's friday here, so I'll pick this up on monday morning
Did not age well! Thanks @victorlin 🙏
The
AWS_ACCESS_KEY_ID
andAWS_SECRET_ACCESS_KEY
repo level secrets as unused as far as I can understand.They were first referenced by d98838543e036c06332014c5bf17e639e0bc98c4 and their last usage removed by a pair of commits a couple of days apart: a75539ac59d4441024d97b77b2798ec43425b34b and 86956ef380ad0134d1fe18e40fdd18dadcaafa42