Reply to post:

Amazon Drive bans rclone storage client

Adam 52 Silver badge

Inadvertently committing API keys is easy. That quick one-off script with embedded credentials because it was only supposed to take a couple of minutes to write and then be discarded, or later version that reads from config but the config lives in the same directory and got swept up in a git add. Or when your tried and trusted .gitignore got left behind.

Or you coded everything right but put a screenshot of the config file in the documentation to show others how to do it, because you're conscientious like that.

It's a problem because even the simplest credentials file rapidly becomes too complex to remember so a template needs to be stored somewhere.

AWS would push server roles, but that comes with a whole load more 'anyone who compromises one server compromises all the cloud stuff it has access to' issues.

As with all these things; there are those who've done it, those who will do it and Reg commentards who criticise from the sidelines.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021