But then you need creds to access AWS SSM, Vault, etc., and those end up getting stored the same way the actual creds you needed were being stored, and you're back at square one.
replyNah you can get machine creds automatically via the metadata service when running inside AWS. Nothing need be on disk.
replyThat's still not any better.
replyIf the LLM can run any code it writes itself, it can retrieve those credentials. It's just one `curl` away. If you don't let it run `curl`, but you let it run `python`, it can just run a Python script that fetches it using `requests`. Or a Node script that calls `fetch`.
Point is, if creds are accessible programmatically, the LLM can and may try to retrieve them if it thinks it needs them.
Aws credentials are short lived precisely so that leaking them has a time limited blast radius.
replyAutomatic retrieval, instead of keeping them on disk, is what makes short lived credentials possible.
I'm not convinced that time-limiting the blast radius matters. It just means that malicious use of the credentials has to be automated, and that's a pretty damn low bar.
reply