1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
1
It is not a must to use Node.js as backend to store credentials. When setting credentials in a browser, make sure not to hard code credentials (e.g., access/secret keys for IAM users). Also, always grant the least privilege required for your task.
We do not recommend hard coding your AWS credentials in your scripts. Hard coding credentials poses a risk of exposing your access key ID and secret access key.
The recommended way to obtain AWS credentials for your browser scripts is to use the Amazon Cognito Identity credentials object, AWS.CognitoIdentityCredentials. Amazon Cognito enables authentication of users through third-party identity providers.
답변함 2년 전
Like I saw documentation of AWS Webpack can we use that and store all the credentials in .env file is it safe or not?, and with webpack we build bundle.js that way is secure?
You can store credentials that way and the instruction is provided here. But it's for Node.js. For front end code, again don't hard code credentials. Also, I am assuming you would use IAM user credentials there. Make sure to rotate credentials on a regular basis and secure access to the application server. If you are running that on an EC2 instance, you can simply attach an instance profile so there is no need to use long term (IAM user) credentials. It auto rotates credentials for an IAM role (short-term credentials).