Hacker News new | ask | show | jobs
by bvandewalle 2210 days ago
if it is an instance on the cloud, GCP and AWS let you define ServiceAccounts that get populated on the Instance at boot time.

you should only let the instance access the secret it requires.
1 comments
rdslw 2209 days ago
and how do you manage secrets that let you define that ServiceAccounts?

As OP wrote, you did not solve it, just moved it to a different level.

link