https://platformengineering.org logo
Title
v

Vicente

03/24/2023, 10:29 AM
Hi there I have improved the security of my terraform cloud workspaces and my AWS account by switching from AWS credentials (client_id and client_secret_id) to Dynamic Credentials maybe it will help you to improve the security in your projects : https://medium.com/@vivazmo/terraform-cloud-dynamic-credentials-for-aws-e492efaf529d
a

Andre Marcelo-Tanner

03/24/2023, 5:47 PM
If not using Terraform Cloud but maybe using A CI like GitHub Actions you can use OIDC also with GitHub
v

Vicente

03/25/2023, 8:04 AM
Yes It is the best aproach. Use of Key has to be the last option. But there are a lot of projects using harcoded credencials.