by kkl
60 days ago
> "we can't have service accounts"

To be clear: This is not my position! I advocate for service accounts in my post:

> It is much harder to reason about, say, the security of an arbitrary Engineer's laptop than it is an EC2 instance that exists exclusively to tell KMS to sign something.

> So every time we fire or lay off the person whose name is on the automation, we need to rotate the keys?

If a person previously had access to the key and knowledge of the key gives you control over that automated workflow, is that key (and by extension that workflow) still worth trusting?