DEV Community

Discussion on: Why not to create db asset from code

Collapse
mattschwartz profile image
Matthew Schwartz

This is an excellent point. All security, for every system in the stack, should be as restricted as possible.

I mostly work on large scale SaaS applications. We never let our application code create or destroy database assets on deployment. Typically we commit db migration scripts with the code but run those migrations separate from the app deployments under a special user account.

Collapse
developerhelp profile image
developer-help Author

True Matthew,

Most of the places this is hyped one size fits all kind of concepts.
I just saw this post on server side. Thought of sharing that it is not just wise to fall in because technology widget enable it.

theserverside.com/video/3-ways-to-...