This is one huge security trap. Using root security credentials, completely open buckets, cloning random services, then giving them access to those root credentials.
Google Developer Expert | Auth0 Ambassador | Media Developer Expert at Cloudinary | Twilio Champ | Technical Coach at SpringBoard | Google Women Techmaker | Postman Supernova | AWS | Microsoft MVP
Thanks for the feedback I have erased those steps, but just to clarify you are making it seem with your word "trap" like I want to trick them for me to steal their credentials which is not true. FYI They are not cloning any random service. They are cloning the repo with the structure of the project so they don't have to do it themselves since I assume they already know some nodejs and angular as I specified in the beginning of the tutorial that is was a requirement.
Hmmm, looking closer, it's still using root credentials. You really should at least put a big "never ever, ever do this, use roles" warning in there (or better, show the steps).
Google Developer Expert | Auth0 Ambassador | Media Developer Expert at Cloudinary | Twilio Champ | Technical Coach at SpringBoard | Google Women Techmaker | Postman Supernova | AWS | Microsoft MVP
I'm gonna add that to the note I have at the top "...without getting in debt in IAM and other security stuff that will make this tutorial even longer. If you want to learn more about that, please do some extra research." Thanks for the feedback
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
This is one huge security trap. Using root security credentials, completely open buckets, cloning random services, then giving them access to those root credentials.
Stay well clear.
Thanks for the feedback I have erased those steps, but just to clarify you are making it seem with your word "trap" like I want to trick them for me to steal their credentials which is not true. FYI They are not cloning any random service. They are cloning the repo with the structure of the project so they don't have to do it themselves since I assume they already know some nodejs and angular as I specified in the beginning of the tutorial that is was a requirement.
It was maybe worded a bit harsh, sorry. Thanks for fixing it.
Hmmm, looking closer, it's still using root credentials. You really should at least put a big "never ever, ever do this, use roles" warning in there (or better, show the steps).
I'm gonna add that to the note I have at the top "...without getting in debt in IAM and other security stuff that will make this tutorial even longer. If you want to learn more about that, please do some extra research." Thanks for the feedback