Leaked Datadog API Key and Application Key

Hi all,

Datadog guys informed us that there was a Datadog API key and a Datadog App key that were exposed in one of our Github commits in public repository:

https://support.gitguardian.com/ticket/a0563bffc2d0e92924a76fbeed8049f0dc431f38cd8437b59d9ee3b1d05169fb
https://support.gitguardian.com/ticket/367be7d84e0d168867788c53d291fd963eba3b6f564437759c666d9e2a342e51

For security reasons we need to revoke these keys and create a new one. Those keys are used in "Traveloka - Prod" organization, so other organizations won't be affected.

Note: "Traveloka - Prod" Datadog organization != "tvlk-prod" AWS account.
"Traveloka - Prod" organization receives metrics from all production AWS accounts.

The application key is already revoked. But for API key, because it is used in all (or almost all) instances in production, we have to:

change the stored API key in parameter store [DONE]
update Datadog agent config for production environment:

for ASG:

change the parameter store for Datadog API key (this is DONE for tvlk-prod AWS account)
redeploy ASG instances

for non-ASG (please see https://app.datadoghq.com/account/settings#api to get another API key, other than "java-prod" key):

run playbook to change the Datadog agent config
restart the agent

revoke API key

So, please update the Datadog agent config ASAP, because we will revoke the API key on Friday 23.59 (2019-09-13) GMT+7. If your instances still use the old API key, the metrics from those instances won't be received by Datadog.

Thank you!