I work as a software engineer alongside a devops engineer who manages our AWS infrastructure. Recently, I encountered an issue while running integration tests where the access keys were set to expire every 15 minutes. This led to frequent test failures. The devops engineer's rationale was that this setup mitigated the risk of accidentally sharing keys or exposing them in a repository. While I understand there are risks associated with access keys, I feel that this level of security might be excessive. I'm curious to know if this is a common practice among other devops professionals, or if I'm overreacting to the situation.
*Edit:* Thanks to everyone's feedback! Here's what I gathered:
- A key expiration of 8 to 12 hours seems more reasonable.
- Using IAM roles could enhance security while providing flexibility.
- AWS SSO might also be a useful alternative.
I'll be looking into IAM roles and SSO. Thanks again for your help!
4 Answers
Fifteen minutes feels overly cautious to me. In my experience, a duration of 1-12 hours for keys is much more practical. Dev and CI keys can have different expiration times, but also, if you're running integration tests in a CI pipeline, it's best to ensure unique keys are generated for each job to keep everything secure.
Totally get where you’re coming from. It's not unheard of to use short-lived keys, particularly in test setups. But fifteen minutes does sound a bit extreme! I think many teams go for about 8-12 hours because it's a balance between security and usability. If the access keys are scoped correctly, that can help reduce the risk even further. Definitely worth exploring IAM roles for added security!
Hey! Yeah, it's definitely considered bad practice to rely on long-lived AWS access keys. A lot of folks in dev environments prefer using IAM roles to provide temporary access instead. This approach generally keeps things more secure while minimizing risks. It sounds like you might want to dive deeper into how IAM roles can get you short-term credentials without hassle!
As an infra engineer, I'd suggest checking how you're obtaining those keys. Are they from IAM Identity Center (SSO), or are they static? Ideally, you want your code to handle credential expiration and refreshing securely. Most folks expect short-lived credentials nowadays, so it’s pretty much a standard practice!
That's a great point! I hadn't considered that about the CI jobs generating unique keys. I think I'll bring that up with the team.