New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Token-storing off-server magic vault thing #529
Comments
I've been vaguely thinking about this. The root of the problem here is that any such system will rely on having a data store/environment that you can insert to, but that you cannot retrieve from. I can't think of any of those off the top of my head. |
The idea was a lambda + dynamodb IIRC |
Whoever runs it will probably be able to access them, but the benefit from moving tokens over would be a much-reduced attack surface. It'd be only a few web routes, no DB access from metasmoke (so no attack surface for database dumps), no automatic deploys, etc. No way for even MS deployers to ever get access, so definitely no way for attackers to get it. tl;dr - |
If whoever's hosting will probably still be able to access them, that makes it significantly easier. Two options come to mind:
Guess which one's probably the sensible option :) |
I've built a little thing for this. It's got three routes:
I also wasn't sure if we used no_expiry tokens or not, so the ones for this beta do expire. Beta instance up here: https://btmi925fb2.execute-api.us-east-1.amazonaws.com/default |
Wow, that was fast @thesecretmaster. We do use no_expiry (
|
@Undo1 Do we want to just move over, or think of a neat gradual moving procedure? |
Details to come. @Undo1 write some stuff here in the morning.
The text was updated successfully, but these errors were encountered: