| ▲ | raw_anon_1111 7 hours ago | |
My workflow even before Claude code. 1. I never use permanent credentials for AWS on my local computer. 2. I never have keys anywhere on my local computer. I put them in AWS Secret Manager. 3. My usual set of local access keys can’t create IAM roles (PowerUserAccess). It’s not foolproof. But it does reduce the attack surface. | ||