Don’t Commit Your API Keys to Git with this Simple Technique

I’m sure you’ve read the stories of people that accidentally committed their AWS keys to a public Git repo and how costly this mistake can be.

Some random script kiddy scans GitHub for projects that contain API keys, steals the key and uses it to deploy instances that mine cryptocurrency, running up huge bills.

Ouch!

This problem can be avoided with this simple technique.

Store Config in the Environment