|
|
|
|
|
|
by larusso
1696 days ago
|
|
|
We have the rule to limit down shared and manual maintained users in all our services. More so we not only want to limit down the attack vector but also are able to know where a potential breach came from. A shared IAM role coming from an ansible vault or git crypt repo does not cut it. Also the credentials valid to the end of time. There is also on and off boarding issues. A person which has access today should have his access easily being revoked if necessary. With shared tokens that is super hard to maintain. |
|
|