IBM COS HMAC Credentials
Bridgecrew Policy ID: BC_GIT_8
Severity: LOW
IBM COS HMAC Credentials
Description
IBM Cloud object storage (COS) is a format for storing unstructured data in the cloud.
HMAC credentials consist of an Access Key and Secret Key paired for use with S3-compatible tools and libraries that require authentication.
The IBM Cloud Object Storage API is a REST-based API for reading and writing objects. It uses IBM Cloud Identity and Access Management for authentication and authorization, and supports a subset of the S3 API for easy migration of applications to IBM Cloud.
Fix - Buildtime
IBM Cloud
Step 1: Revoke the exposed secret.
Step 2: Clean the git history.
Go under the settings section of your GitHub project and chose the change visibility button at the bottom.
Step 3: Check IBM Cloud Object Storage Accesser server logs to ensure the key was not utilized during the compromised period.
Updated 8 months ago