PlatformResourcesSign inSign Up

Heroku Platform Key

Bridgecrew Policy ID: BC_GIT_48
Chekov Check ID: CKV_SECRET_48
Severity: LOW

Suggest Edits

Heroku Platform Key

Description

Heroku is a cloud platform as a service (PaaS) supporting several programming languages. The Heroku network runs the customer's apps in virtual containers which execute on a reliable runtime environment. Heroku calls these containers "Dynos". These Dynos can run code written in Node, Ruby, PHP, Go, Scala, Python, Java, or Clojure. Heroku also provides custom buildpacks with which the developer can deploy apps in any other language. Heroku lets the developer scale the app instantly just by either increasing the number of dynos or by changing the type of dyno the app runs in.

Fix - Buildtime

Heroku

Step 1: Revoke the Key

  1. In Heroku, click on Account Settings
  2. Click on API Key
  3. Find the compromised key and click on Revoke

Step 2: Monitor for abuse

Updated 8 months ago