Use AWS IAM roles instead of access keys
I believe it would be possible for cloud66 to have one AWS account with it's own keys (managed by cloud66) and we the customers would have to add a trust relationship in our IAM roles for that account. Then when a new stack is launched cloud66 code would assume the role specified by the user to do it's work instead of using API keys. This is also how future deploys and edits would work.
This is following the AWS best practices. The goal being that we don't need to give out AWS keys.
1
vote
Trevor Dorsey
shared this idea
-
Trevor Dorsey commented