Hacker News
by drjasonharrison 1637 days ago
Rather than use a password manager, or credential store, or some other secure way to keep these credentials safe while providing access to internal developers for development purposes, they put them on S3.

Here's an example I have seen:

- env file is needed for development to run a service on development machine and to access the staging deployment
- the credentials in the env file aren't per-developer because that requires work to set up accounts for every developer with the staging hosting service
- so make a copy of the credentials, put them in an env file on the NAS
- NAS isn't available from home or from other network locations
- so make a copy of the env file in the cloud

If the S3 bucket hadn't been public they probably would have been fine.