|
|
|
|
|
|
by ypolito
2673 days ago
|
|
|
I hope vendors like DigitalOcean would provide more fine tuned access controls in their APIs. Certbot, which I have setup to automatically renew my wildcard Let's Encrypt certificates, has access to my master API key on DO. I try to follow the best practices in keeping it safe, but I'd prefer if that specific API key would only have the required privileges to modify a set of specifically named TXT records and nothing more. |
|
|