TrueCloudLab/coredns
16
0
Fork 2
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

[plugin/route53] Deprecate plaintext secret in Corefile for route53 plugin (#5228)

Browse source 
This PR deprecates plaintext secret in Corefile for route53 plugin (`aws_access_key`).
Since using environmental variables of `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`
have already been available, no other changes other than deprecation is needed.

This will avoid saving plaintext secret in Corefile which could be
of security concern.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
This commit is contained in:
Yong Tang 2022-03-11 11:32:44 -08:00 committed by GitHub
parent 4b597f8308
commit 6bb2db758f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 14 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

1
plugin/route53/setup.go
View file

@ -80,6 +80,7 @@ func setup(c *caddy.Controller) error {
SecretAccessKey: v[1],
},
})
log.Warningf("Save aws_access_key in Corefile has been deprecated, please use other authentication methods instead")
case "aws_endpoint":
if c.NextArg() {
endpoint = c.Val()