Y
Hacker News
new
|
ask
|
show
|
jobs
by
merb
3491 days ago
> On servers in a text file in ~/.aws/credentials (where a lot of tooling saves AWS credentials)
well that sounds clever.
1 comments
alexsmolen
3491 days ago
Yeah, I think it’s tricky to figure out how to place it somewhere that attackers would look but AWS tooling wouldn’t, by default, since otherwise they may be used in legitimate operation.
link
philsnow
3490 days ago
non-[default] profile seems like it would work. I don't think aws-sdk/boto/etc will use non-default creds if you don't explicitly tell it to.
link