It's such an issue that I believe AWS scans every commit pushed for secrets and disables them.

I know because I accidentally pushed a secret myself. Mistakes like that can happen super easily when it's a simple project and you've not setup all your things correctly.