In AWS, when you create a user in IAM and you give that user ‘programatic’ access, AWS will give you that user’s API key. there are two major rules one must follow with the API key.
- NEVER hard code your API key into your code.
- Never store your API unencrypted.
To help with #2, in Linux you can just use GPG
First install it, for Ubuntu:
sudo apt-get install gnupg2 -y
#or for RHEL:/Centos
yum install gnupg2
and then just run it against the text file where your API keys are:
- Encrypt the file with the command
gpg -c API.txt
- Enter a unique password for the file and hit Enter.
- Verify the newly typed password by typing it again and hitting Enter.
4. Looking at the output of an an ls -hal the original file is still there; so
rm -rf API.txt
5. When ready, Decrypt the file with the command