-
Notifications
You must be signed in to change notification settings - Fork 12
/
gh_leaked_key_event.go
33 lines (26 loc) · 1.02 KB
/
gh_leaked_key_event.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
// Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements;
// and to You under the Apache License, Version 2.0. See LICENSE in project root for full license + copyright.
package keynuker
import (
"github.com/aws/aws-sdk-go/service/iam"
"github.com/google/go-github/github"
"time"
)
type LeakedKeyEvent struct {
AccessKeyMetadata FetchedAwsAccessKey
GithubUser *github.User
GithubEvent *github.Event
NearbyContent []byte
LeakerEmail string
}
// Is the key that was leaked the same (limited permission) key that keynuker is using to monitor aws?
// Don't nuke it, since this key has very limited permissions and is needed to nuke other keys.
// Should raise serious alarms if this ever happens.
func (l LeakedKeyEvent) LeakedKeyIsMonitorKey() bool {
return *l.AccessKeyMetadata.AccessKeyId == l.AccessKeyMetadata.MonitorAwsAccessKeyId
}
type NukedKeyEvent struct {
LeakedKeyEvent LeakedKeyEvent
DeleteAccessKeyOutput *iam.DeleteAccessKeyOutput
NukedOn time.Time
}