by paranoidrobot 1611 days ago
Having IAM keys in your secrets isn't insecure.

However, you now have long-lived keys.

They tend to get used across multiple projects, and despite the best practice being to rotate keys frequently, it's rarely done.

You also have no idea who has them, and without the use of, say, CloudTrail, you don't know if anyone is using them (even CloudTrail might not pick up on everything).

The approach here is to get short-lived keys, when they are needed.