all InfoSec news
Enhanced Security — Safeguarding AWS Access in GitHub Actions
July 27, 2023, 4:45 p.m. | Hafiz Patwary
System Weakness - Medium systemweakness.com
Enhanced Security — Safeguarding AWS Access in GitHub Actions 🪪
The fastest way to access AWS infrastructure from a GitHub Actions workflow is by utilizing AWS_ACCESS_KEY and AWS_SECRET_ACCESS_KEY. This method requires manually storing the access keys as GitHub secrets.
While this method is quick, it poses challenges in collaborative environments, as someone (or an automated process) must handle these secrets, creating a potential vulnerability with direct access to the credentials.
Static credentials method ❌:
https://medium.com/media/9a966ffd1fb6c7bcee75c2eb068ea837/hrefA more secure method to …
More from systemweakness.com / System Weakness - Medium
OSI Model & TCP/IP Comparison
3 days, 21 hours ago |
systemweakness.com
First AD home lab
4 days, 18 hours ago |
systemweakness.com
Clocky | TryHackMe Write-up
5 days, 16 hours ago |
systemweakness.com
Tuesday Morning Threat Report: Apr 30, 2024
5 days, 16 hours ago |
systemweakness.com
Jobs in InfoSec / Cybersecurity
Offensive Security Engineering Technical Lead, Device Security
@ Google | Amsterdam, Netherlands
Senior Security Engineering Program Manager
@ Microsoft | Redmond, Washington, United States
Information System Security Analyst
@ Resource Management Concepts, Inc. | Dahlgren, Virginia, United States
Critical Facility Security Officer - Evening Shift
@ Allied Universal | Charlotte, NC, United States
Information System Security Officer, Junior
@ Resource Management Concepts, Inc. | Patuxent River, Maryland, United States
Security Engineer
@ JPMorgan Chase & Co. | Plano, TX, United States