Provide a way to the validation key and data bag secret from S3 #237
Conversation
|
👍 |
1 similar comment
|
👍 |
|
@jkeiser, can you take a look? This adds cloud bootstrap features for the following:
@eherot, one concern I have is that the validation key is not encrypted and there's no guarantee access to the storage isn't wide open. This could be remedied with a separate |
|
@danielsdeleo, @mcquin, what do you think of the data bag feature here. Is this consistent with usage of the new data bag features of knife? |
|
@adamedx as far as I'm concerned, security of the key is the responsibility of the uploader (who would also be setting the access policies). For us, requiring yet another key to decrypt the validation key would sort of defeat the purpose of this distribution model. We (and I suspect many other software services startups) already trust S3 with a great deal of our most sensitive data, so the idea of storing a plain-text private key there didn't seem like much of a leap. |
|
mostly agreed on security of key @eherot, but I'm wondering if we could add an additional subcommand to automate the uploading of the key so that it is has minimal accessibility. At a minimum, we should provide instructions for that (i.e. what's a good example command line for uploading the key, and the recommended permissions on the bucket, etc.). Once you get into that territory though the next step is to automate. |
|
@adamedx I'd be more in favor of simply updating the docs to describe the recommended permission sets to use. I'll go ahead and submit that change. |
|
@adamedx part of the trick here is that everyone does assigning permissions a bit differently, and we can only choose a single set of permissions to provide as part of said automation. I'd agree with @eherot here and land on the side of good docs, which provide what you must create (if you have no permissions set) or add (if you do) to safely store the key in S3. |
No description provided.