What is an API key — CCA-F Exam Prep

L1.04✨ 0

REAL STORY A developer's laptop screen showing a GitHub commit. Line 847 is highlighted in red with a string that looks like 'AKIA3E...' (an AWS key). In the background, a phone buzzing with AWS billing alerts. Dark room, blue screen glow.

A developer's laptop screen showing a GitHub commit. Line 847 is highlighted in red with a string that looks like 'AKIA3E...' (an AWS key). In the background, a phone buzzing with AWS billing alerts. Dark room, blue screen glow.

Line 847. $14,000. 12 minutes.

A developer pushed code to GitHub. A public repository. 847 lines of Python. Somewhere in the middle, hardcoded: his AWS API key.

Bots that crawl GitHub for exposed keys found it in 12 minutes. They spun up cryptocurrency mining servers on his AWS account. By the time he woke up: $14,000 in charges.