Y
Hacker News
new
|
ask
|
show
|
jobs
by
ZiiS
23 days ago
It is your development machine's AWS keys they want. The server's keys should be too finly scooped anyway.
2 comments
troad
23 days ago
Not likely to be a major risk if you update every few months, to some major version that's already over a month old.
link
wavemode
23 days ago
I would imagine it's the opposite. Most dev's machines can't query the prod database, for example, whereas a prod server can.
link
erikerikson
23 days ago
Nope, they've been targeting credentials so they can deploy whatever they like into prod. They prefer the build machine with it's broader rights than the individual dev boxes.
link