this post was submitted on 15 Jun 2023
6 points (100.0% liked)
Cloud Security
699 readers
1 users here now
Preventing storms.
Rules
- Be excellent to each other!
- Use the article title as the submission title. Do not editorialize the title or add your own commentary to the article title.
- No vendor spam. Zero tolerance for content marketing.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I think access keys are a legacy authentication mechanism from a time where the objective was increasing cloud adoption and public clouds wanted to support customers to transition from on prem to cloud infra.
But for cloud native environments there are safer ways to authenticate.
A data point: for GCP now Google also advise new customers to enable from the start the org policy to disable service account key creation.