08/25/2022, 11:38 AM
Hi! Question about Prefect blocks, security and confidentiality. When we use, let's say S3 or Amazon blocks, it is necessary to provide access keys to the Prefect. In theory, with those keys Prefect team can secretly access our files and do with them whatever the heart desires. Is there anything other than gentlemen's agreement that can guarantee that Prefect team won't perform such shenanigans?😁

Oliver Mannion

08/25/2022, 12:34 PM
It’s not necessary. We use short-term credentials provided by our environment instead of storing long-term credentials in Prefect.
:upvote: 2

Jeff Hale

08/25/2022, 2:03 PM
Prefect takes security sand privacy very seriously. Read all about it here. Oliver’s suggestion on limiting the lifetime of credentials is also a security best practice.