This message was deleted.

If not using Terraform Cloud but maybe using A CI like GitHub Actions you can use OIDC also with GitHub

Yes It is the best aproach. Use of Key has to be the last option. But there are a lot of projects using harcoded credencials.