Hi! Question about Prefect blocks, security and co...
# prefect-community
Hi! Question about Prefect blocks, security and confidentiality. When we use, let's say S3 or Amazon blocks, it is necessary to provide access keys to the Prefect. In theory, with those keys Prefect team can secretly access our files and do with them whatever the heart desires. Is there anything other than gentlemen's agreement that can guarantee that Prefect team won't perform such shenanigans?😁
It’s not necessary. We use short-term credentials provided by our environment instead of storing long-term credentials in Prefect.
upvote 2
Prefect takes security sand privacy very seriously. Read all about it here. Oliver’s suggestion on limiting the lifetime of credentials is also a security best practice.