Is it safe for me to store my Amazon S3 keys/secrets in a private Github repo? I know that it is not safe for a public repo but I am wondering if a private repo is safe?
As mentioned on the GitHub Security page:
We do not encrypt repositories on disk because it would not be any more secure: the website and git back-end would need to decrypt the repositories on demand, slowing down response times
So if there is any leak (like in 2012), your data is out as well.
You can see that approach being criticized in this thread.
I would recommend an external service that you control for your secrets.
For instance, HashiCorp Vault is a good one.
@vonc is correct, but if you don't want to set up and maintain Vault, you can consider using AWS Parameter Store (https://aws.amazon.com/ec2/systems-manager/parameter-store/) to store your secret keys, which is a lot easier.
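An added example illustrating both answers (not code from either poster): a pre-commit style scan that flags AWS credentials before they reach any repository, private or not, and a loader that fetches the key pair from Parameter Store at runtime instead. The parameter names under `/myapp/s3` are assumptions; the sample file uses AWS's documented placeholder key pair.

```python
import re
from typing import List, Tuple

# Constructed sample: an AWS credentials file using AWS's documented
# placeholder key pair, the kind of content that must never be committed.
SAMPLE_CREDENTIALS_FILE = """[default]
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCyEXAMPLEKEY
"""

# Access key IDs are 20 chars starting with AKIA; secrets are 40 chars of
# base64-like text, so only flag those when labelled as a secret key.
ACCESS_KEY_RE = re.compile(r"(?<![A-Z0-9])AKIA[0-9A-Z]{16}(?![A-Z0-9])")
SECRET_KEY_RE = re.compile(
    r"(?i)aws_secret_access_key\s*[=:]\s*[\"']?([A-Za-z0-9/+=]{40})(?![A-Za-z0-9/+=])"
)


def scan_for_aws_credentials(text: str) -> List[Tuple[int, str]]:
    """Return (line_number, kind) for every AWS credential found in text.

    Intended to run as a pre-commit hook over staged files so that keys
    are rejected before they ever reach a repository."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if ACCESS_KEY_RE.search(line):
            findings.append((lineno, "access_key_id"))
        if SECRET_KEY_RE.search(line):
            findings.append((lineno, "secret_access_key"))
    return findings


def load_s3_credentials(prefix: str = "/myapp/s3") -> Tuple[str, str]:
    """Fetch the key pair from SSM Parameter Store at runtime.

    The parameter names under `prefix` are an assumption; store both as
    SecureString parameters so they are KMS-encrypted at rest."""
    import boto3  # imported here so the scanner above runs without it

    ssm = boto3.client("ssm")
    key_id = ssm.get_parameter(Name=f"{prefix}/access_key_id",
                               WithDecryption=True)["Parameter"]["Value"]
    secret = ssm.get_parameter(Name=f"{prefix}/secret_access_key",
                               WithDecryption=True)["Parameter"]["Value"]
    return key_id, secret


if __name__ == "__main__":
    for lineno, kind in scan_for_aws_credentials(SAMPLE_CREDENTIALS_FILE):
        print(f"line {lineno}: {kind} found; move it to Parameter Store")
```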