Topic on Talk:PAWS

Secrets mangement

2 comments • 17:54, 21 May 2020 4 years ago
2
Abbe98 (talkcontribs)

What's the best way to use secrets (API keys, etc) in PAWS? Are .env files published in the public space? Is terminal input logged?

Reply 14:45, 20 May 2020 4 years ago
Chicocvenancio (talkcontribs)

Best way is to not do it.

PAWS admins, Toolforge roots and Cloud Service roots will have access to everything in PAWS if they try.

You can use unix file permissions to deny read from other toolforge users and the paws-public endpoint. Just make the file readable only to the user and it will be "private" to a dozen or so people.

Reply 17:54, 21 May 2020 4 years ago
Reply to "Secrets mangement"
Retrieved from "https://www.mediawiki.org/wiki/Topic:Vmq103hj1xvwxd1m"