请问HN:AWS账户在进行修复后仍被限制18小时(案例177385077300217)
我们的初创公司(Qcart)目前在多个国家面临100%的生产停滞。18小时前,由于暴露的CircleCI访问密钥,AWS信任与安全团队限制了我们的账户。
时间线:
18小时前:收到关于密钥暴露的通知(与一个circleci-eb用户相关)。
我们删除了IAM用户及所有关联的密钥,并在支持案例中确认了修复情况。
当前状态:完全没有回应。支持人员不断表示“专业团队正在调查”,但在我们的业务濒临崩溃的情况下,我们没有收到任何更新。
我们已经更换了所有凭证,并确认没有其他未经授权的访问。我们是一个小团队,这18小时没有来自安全团队的人工回应的延迟对我们来说是毁灭性的。
请问AWS的工作人员有没有建议,如何才能让人类实际审查已解决的安全问题?
案例ID:177385077300217
任何帮助或信息都将不胜感激。
查看原文
Our startup (Qcart) is currently facing a 100% production outage across multiple countries. AWS Trust & Safety restricted our account 18 hours ago due to an exposed circleci access key.<p>Timeline:<p>18+ hours ago: Received notification of exposed keys (linked to a circleci-eb user).<p>We deleted the IAM user and all associated keys. Confirmed remediation in the support case.<p>Current status: Total silence. Support agents keep saying "the specialized team is looking into it," but we have had zero updates while our business is dying.<p>We have already rotated all credentials and verified that no other unauthorized access exists. We are a small team and this 18-hour delay with no human response from the security team is devastating.<p>Does anyone at AWS have advice on how to get a human to actually review a resolved security flag?<p>Case ID: 177385077300217<p>Any help or visibility is greatly appreciated.