As an infrastructure tool that requires access to your cloud provider we understand there may be questions around our processes and procedures. Our team has a background in fintech and financial services and is applying best practices learned in these industries to ensure security is handled as best it can be. In addition, we use SteadyBricks for our own infrastructure, to more closely align our security concerns with those of our customers.
SteadyBricks leverages something called Cross Account IAM Roles to sync information about your infrastructure resources. This means we don't store sensitive information like account access keys and access key secrets in order for you to use SteadyBricks. This method is the AWS recommended approach and is detailed in-depth by AWS here for you to learn more. When you grant access to your AWS account to SteadyBricks by running the provided CloudFormation script, it creates a cross-account role with in-line policies selected by SteadyBricks. Should you have any other questions please feel free to email us at support@steadybricks.com.