elastic-ci-stack-for-aws

By default the AMI should not be public

Open patrobinson opened this issue 8 years ago • 4 comments

The ami_group setting for the Agent is all by default: https://github.com/buildkite/elastic-ci-stack-for-aws/blob/326c4a81367de24db63f2e1f04a894327f006bb9/packer/buildkite-ami.json#L13

This means each AMI built from this template is publicly visible. This could present a potential security issue if someone were to:

  • Fork this repo or copy this template
  • Add secrets (usernames/passwords/api keys) to the AMI

As the AMI would be publicly accessible, this could result in those secrets baked into the AMI being leaked. While that's not best practice, it seems best to prevent this misconfiguration by not making the AMI public by default. Optionally, a Packer variable could be used to control whether or not to make the AMI public, with the default not to.

patrobinson, Aug 11 '17 01:08
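
An added example, not part of the original issue or the project's code: a lint check a CI job could run over a Packer JSON template to catch the misconfiguration described above. It reports amazon builders whose `ami_groups` or `snapshot_groups` include `all` when built with the template's default variable values. The sample template, builder names and function names are constructed for illustration.

```python
import json
import re

# Keys on Packer's amazon builders that control sharing; the value "all"
# makes the AMI (or its snapshot) available to every AWS account.
SHARING_KEYS = ("ami_groups", "snapshot_groups")
USER_VAR = re.compile(r"\{\{\s*user\s+`([^`]+)`\s*\}\}")

# Constructed sample template, not the project's file.
SAMPLE_TEMPLATE = """
{
  "variables": {"ami_groups": "all"},
  "builders": [
    {"type": "amazon-ebs", "name": "hardcoded", "ami_groups": ["all"]},
    {"type": "amazon-ebs", "name": "via-variable",
     "ami_groups": ["{{user `ami_groups`}}"]},
    {"type": "amazon-ebs", "name": "private"}
  ]
}
"""

def resolve(value, variables):
    """Expand {{user `name`}} using the template's default variable values."""
    return USER_VAR.sub(lambda m: str(variables.get(m.group(1)) or ""), value)

def find_public_builders(template_text):
    """Return (builder, key) pairs that share with "all" when built with defaults."""
    template = json.loads(template_text)
    variables = template.get("variables") or {}
    findings = []
    for builder in template.get("builders", []):
        if not str(builder.get("type", "")).startswith("amazon-"):
            continue  # only the amazon builders publish AMIs
        name = builder.get("name") or builder["type"]
        for key in SHARING_KEYS:
            raw = builder.get(key) or []
            values = [raw] if isinstance(raw, str) else raw
            # Assumption: comma-separated strings are split too, to be conservative.
            groups = {g.strip() for v in values
                      for g in resolve(str(v), variables).split(",")}
            if "all" in groups:
                findings.append((name, key))
    return findings

if __name__ == "__main__":
    for name, key in find_public_builders(SAMPLE_TEMPLATE):
        print(f"builder {name!r}: {key} includes 'all' (public by default)")
```

The check only sees default values; a `-var` override at build time can still make an AMI public, so it complements rather than replaces reviewing the launch permissions of built images.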

We've really tried to avoid supporting forks, but I hear you. I think I'd be ok with making this a packer variable though.

lox, Aug 11 '17 01:08

I'm not saying you should support forks, just saying I want to make it hard for people to do the wrong thing :)

patrobinson, Aug 11 '17 01:08

In practice that is the same thing :)

lox, Aug 11 '17 01:08

That said, I think this is a good idea. 👍🏻

lox, Aug 11 '17 03:08