[plugin/route53] Deprecate plaintext secret in Corefile for route53 plugin (#5228)

This PR deprecates plaintext secret in Corefile for route53 plugin (`aws_access_key`). Since using environmental variables of `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` have already been available, no other changes other than deprecation is needed. This will avoid saving plaintext secret in Corefile which could be of security concern. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
author: Yong Tang <yong.tang.github@outlook.com> 2022-03-11 11:32:44 -0800
committer: GitHub <noreply@github.com> 2022-03-11 11:32:44 -0800
commit: 6bb2db758fd83187bf44582ae15ea923a1e02df4 (patch)
tree: 6308048274562a0d7708656ff04cc9e3d6f2860b /plugin/route53/setup.go
parent: 4b597f8308d8d7cecb538e9831d77117da68c04e (diff)
download: coredns-6bb2db758fd83187bf44582ae15ea923a1e02df4.tar.gz
coredns-6bb2db758fd83187bf44582ae15ea923a1e02df4.tar.zst
coredns-6bb2db758fd83187bf44582ae15ea923a1e02df4.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/plugin/route53/setup.go b/plugin/route53/setup.go
index ec775680c..31176039a 100644
--- a/plugin/route53/setup.go
+++ b/plugin/route53/setup.go
@@ -80,6 +80,7 @@ func setup(c *caddy.Controller) error {
 						SecretAccessKey: v[1],
 					},
 				})
+				log.Warningf("Save aws_access_key in Corefile has been deprecated, please use other authentication methods instead")
 			case "aws_endpoint":
 				if c.NextArg() {
 					endpoint = c.Val()
author	Yong Tang <yong.tang.github@outlook.com>	2022-03-11 11:32:44 -0800
committer	GitHub <noreply@github.com>	2022-03-11 11:32:44 -0800
commit	6bb2db758fd83187bf44582ae15ea923a1e02df4 (patch)
tree	6308048274562a0d7708656ff04cc9e3d6f2860b /plugin/route53/setup.go
parent	4b597f8308d8d7cecb538e9831d77117da68c04e (diff)
download	coredns-6bb2db758fd83187bf44582ae15ea923a1e02df4.tar.gz coredns-6bb2db758fd83187bf44582ae15ea923a1e02df4.tar.zst coredns-6bb2db758fd83187bf44582ae15ea923a1e02df4.zip