Is the deployment safe when all credentials are Public

[SumayaG]

In the npm run build stage Create react app builds all the files including the config.js which has all the credentials like the POOL_ID, client ID etc. We then deploy this to a S3 bucket which is publicly readable. So anyone can get access to these ID's. Is this safe? I am just used to heroku where heroku sets all the config keys and are not a part of the public code. Am I missing something here? Sorry, I am new to AWS.

[jayair]

@SumayaG The ids are public but the credentials to access them are not. You should be fine as long as you are not exposing your IAM keys.