Y
Hacker News
new
|
ask
|
show
|
jobs
by
alexsmolen
3482 days ago
Yeah, I think it’s tricky to figure out how to place it somewhere that attackers would look but AWS tooling wouldn’t, by default, since otherwise they may be used in legitimate operation.
1 comments
philsnow
3482 days ago
non-[default] profile seems like it would work. I don't think aws-sdk/boto/etc will use non-default creds if you don't explicitly tell it to.
link