DEV Community

sot528
sot528

Posted on

Delete CircleCI's invisible AWS credentials

Problem

AWS notified me to rotate AWS credentials that are (seemingly) not registered with CircleCI.

Hello,

AWS is reaching out to you on behalf of CircleCI as a follow-up to the security issue they disclosed on January 4, 2023 [1] involving their platform. AWS infrastructure and services were not affected by this issue.

However, CircleCI believes the following AWS access keys, associated with your account, may be affected by this issue.
AKIA4**************


AWS recommends you rotate these keys immediately.
Enter fullscreen mode Exit fullscreen mode

Occasion

Because the AWS Permission of the CircleCI project, which was used since time immemorial, was still alive even though it was discontinued in the UI.

Solution

${CIRCLECI_VCS} with either "github" or "bitbucket"
${CIRCLECI_ORG} with the name of your org
${CIRCLECI_PROJECT} with the name of your project/repository
${CIRCLECI_TOKEN} with a Personal API Token

curl -X PUT -d "{\"aws\":{\"keypair\":null}}" "https://circleci.com/api/v1.1/project/${CIRCLECI_VCS}/${CIRCLECI_ORG}/${CIRCLECI_PROJECT}/settings?circle-token=${CIRCLECI_TOKEN}" -H "Content-Type:application/json"
Enter fullscreen mode Exit fullscreen mode

Note

WTF๐Ÿคฃ

Top comments (0)