external-dns

Do not expose the AWS role external id in the logs

Open iul1an opened this issue 6 months ago • 4 comments

Description

This change conceals the AWS ExternalId from application logs to mitigate security risks, as exposing this identifier could enable attackers to exploit it for unauthorized cross-account access or privilege escalation.

Fixes https://github.com/kubernetes-sigs/external-dns/issues/4277

Checklist

  • [ ] Unit tests updated
  • [ ] End user documentation updated

iul1an, Aug 27 '24 16:08
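One way to keep a value like the ExternalId out of log output, as an added example (not code from this pull request or from external-dns): mask tagged fields whenever the configuration struct is formatted. The `Config` type, its field names, the `secure` tag and the sample values are assumptions made for the illustration.

```go
package main

import (
	"fmt"
	"reflect"
)

const mask = "******"

// Config is a hypothetical settings struct; field names and the `secure`
// tag are assumptions made for this example.
type Config struct {
	Provider                string
	AWSAssumeRole           string
	AWSAssumeRoleExternalID string `secure:"yes"`
}

// Redacted returns a copy of cfg with every non-empty string field tagged
// secure:"yes" replaced by a fixed mask. The caller's value is not modified.
func Redacted(cfg Config) Config {
	v := reflect.ValueOf(&cfg).Elem()
	t := v.Type()
	for i := 0; i < t.NumField(); i++ {
		f := v.Field(i)
		if t.Field(i).Tag.Get("secure") == "yes" && f.Kind() == reflect.String && f.String() != "" {
			f.SetString(mask)
		}
	}
	return cfg
}

// String covers %v, %+v and %s. The local type has no methods, so
// formatting it cannot recurse back into String.
func (c Config) String() string {
	type plain Config
	return fmt.Sprintf("%+v", plain(Redacted(c)))
}

// GoString covers %#v, which bypasses String and would otherwise print the raw field.
func (c Config) GoString() string { return c.String() }

func main() {
	cfg := Config{ // constructed sample values
		Provider:                "aws",
		AWSAssumeRole:           "arn:aws:iam::111122223333:role/example",
		AWSAssumeRoleExternalID: "constructed-external-id",
	}
	fmt.Printf("startup config: %v\n", cfg)
}
```

Masking in the formatter only protects code paths that print the whole struct; a log call that passes the field directly still emits it.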