We are using prefect cloud for our org. If we use Git or Github storage, I believe the GITHUB_ACCESS_TOKEN is going to be stored on prefect cloud server? That’s basically like allowing prefect access to our private repos. Is there a way to avoid storing the access token on the cloud?

You can set it as local secrets which aren’t stored by us. This needs to exist in the place running the Flow.

thanks! We will be running our flows on ECS. Is it a good idea to use Git/Github storage with ECS? The other option is to use Docker storage, and I already have a test flow working with that. But I feel that using Git storage may offer greater flexibility for development/testing.

I agree that GitHub Storage allows for more flexibility because this way you separate flow code storage from code dependencies (docker image) - docker storage combines it into one which is less flexible, but also more convenient for some use cases - so there's a trade off here and you would need to choose based on your preference