re: Where do you keep credentials for your Lambda functions? VIEW POST

re: security is typically "an onion", so it's a matter of how much hardening that you want. if you store the credentials as lambda, then anyone who can...

thank you very much for your detailed comment. of course as almost everything in programming it depends on the specific use case and requirements.
I like the example of security as an onion and reminds me of the swiss cheese paradigm. ( every layer of security might - and will - have holes. we must be sure these holes don't align ).
The last part of your comment is also somehow similar to what described in the AWS Security Workshop i attended at the Serverless Days i blogged about here.

code of conduct - report abuse