מכרזים

Best practices for using AWS access keys

AWS access keys enable us to use programmatic or AWS CLI services in a manner similar to using a username and password.

AWS access keys have account privileges – for better and for worse.

For example, if you save access keys (credentials) of a root account inside code, anyone who uses this code can totally damage your AWS account.

Many stories have been published about security breaches due to access key exposure, especially combined with open source version control systems such as GitHub and GitLab.

In order to avoid security breaches, here is a list of best practices for securing your environment when using access keys:

 

Eyal Estrin
Eyal Estrin is a Cloud Architect.
He joined IUCC in December 2017 and his main focus is promoting and supporting cloud services in Universities in Israel. He brings with him more than 20 years of experience in the IT and information security field.
Follow him at @eyalestrin