Y
Hacker News
new
|
ask
|
show
|
jobs
by
prattbhatt
4445 days ago
Yes, someone with your access and secret keys can spin up instances, create buckets, and do everything else that the stolen keys are authorized for.
1 comments
ceejayoz
4445 days ago
Which is why most things should be done with IAM keys specifically locked down to minimal privileges.
link
jes5199
4445 days ago
Apparently I have access keys that predate the release of IAM ! Fortunately there's a convenient "disable" link on security keys page.
link
prattbhatt
4445 days ago
Agreed
link