9 points | by arkadiyt 11 hours ago ago
1 comments
> permitted a single ECS task role "read access to every secret in the account, including the production Redshift master credential."
...
> noting that the stolen information was old and consisted mostly of non-critical details
So I guess 'mostly' is doing a lot of heavy lifting, and they hadn't rotated the credentials in a long time
> permitted a single ECS task role "read access to every secret in the account, including the production Redshift master credential."
...
> noting that the stolen information was old and consisted mostly of non-critical details
So I guess 'mostly' is doing a lot of heavy lifting, and they hadn't rotated the credentials in a long time