On 2014-02-18 15:12, Smith, David wrote:
I think Yves meant, that there's no way to password-protect individual EC2 credentials, not SSH keys.
Correct.
The least-bad thing I've been able to think of, is making sure the credentials are rotated regularly, and stored in such a way that it's not too much of an inconvenience when you have to change them once a month. (Write all your Amazon scripts in such a way that they pull in a single file with the Amazon API keys, IAM credentials, whatever, so that when you change them you only have to change them in one place and they can be changed relatively quickly when needed.)
Hmmmm... slightly less bad I guess. -- Yves. _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
