|
|
|
|
|
|
by lokar
42 days ago
|
|
|
You don't need the same permissions in prod and dev. And in both cases, the humans don't need direct access to the raw CSP API. Use a local proxy that adds more safety checks. In dev, sure, delete away. In prod, check a bunch of things first (like, has it been used recently?). Humans do not need direct access to delete production resources (you can have a break-glass setup for exceptional emergencies). |
|
|