Dynde
Reputation: 2674
Amazon S3 accesskey storage?
I'm building a web application using amazon S3 as storage, and I was wondering if it's safe having the access key and the secret access key in plain text static string in the source code? I might be paranoid, but I'm not quite sure if I'm basically just handing out the access keys by doing this.
Upvotes: 0
Views: 110
Answers (1)
Porco
Reputation: 4203
I'd put it in an app config or DB, that way you can change it if it gets compromised.
Upvotes: 2
Related Questions
- how to set accessKeyID for an Amazon S3 client in C#?
- Accessing AWS resources securely using the AWS SDK for .NET
- Providing access to S3 without having an access key/secret?
- How to validate AWS accesskey, secret key using c#
- Uploading to Amazon S3 without access & secret key
- Authenticate Amazon S3 bucket with C# using AWSSDK.S3
- Amazon S3 server side encryption
- Amazon S3 - Where we need to store Access and Secret Keys?
- Using S3 Storage with .NET
- Deploy C# client application (S3) with Amazon AWS secret key?