Accidentally pushed AWS IAM access and secret key to repository defined within application.yml file in code, immediately i got a mail from AWS warning me that my access and secret keys are now exposed with instructions how to rotate this key and secure it. How the fuck do they know?

GitHub scans it and notifies AWS

Isn't it kinda obvious how they know it....

*rolls eyes*

u make mistakes like these and then wonder why you don't hear back from employers.

@SidTheITGuy haha. Ouch!

The bigger question is why you didn't have anything in place blocking the commit/pr?
I'm very happy to hear that they proactively warn you about it though: I've heard about government clouds having credentials leaked just like this (luckily nothing happened afterwards but still)

@SidTheITGuy it was for a dummy project u dumbass im testing shit on my own github and learning how vault is used properly cause no tutorial ever explains this for production, they all explain only for development

@Bibbit im testing and learning how vault is used on a dummy project because no tutorial ever teaches this, i have to experiment myself, all shit tutorials teach only for development and just assume i know how to mold this bullshit to work for production. No i fucking dont you dumbass indian tutorial guy. Deploying for production takes a lot more work and configuration of the exact same bullshit code that it took to work for dev mode

The same happened with my Google Maps API Key when I tried to share with my team...
I had to remove it after two email notifications

This is how they know:
https://docs.github.com/en/...

Other providers have similar mechanisms in place.

@b2plane then say these things in ur original post. What's this clickbait thing you're trying out here?