amazon web services - Storing API credentials -


how 1 store api credentials in way cannot hacked? example, aws keys, or google cloud keys?

in production use (say heroku or ec2 instance), if have github repository, can hacked. idea?

you don't ever commit credentials code. in heroku example set them config variables , code pull values environment when needed.

in aws do similar, or use aws kms service or aws ssm parameter store. also, on aws when accessing other aws services use iam roles assigned resources instead of using credentials directly.


Comments

Popular posts from this blog

angular - DownloadURL return null in below code -

meteor - inserting data to database gives error "insert failed: Method '/texts/insert' not found" -