The fact that they put their AWS secret keys on their website is incredible.
The fact that it's nicely commented is even more so. Check out the other environment configs commented out, are they doing this by hand? Wild.
That’s exactly the kind of work I’d expect from TCS, I’m not sure why you are surprised.
Even more importantly, why do the root keys expose EVERYTHING? Do they just have one account for all of their infra?
Sending it with AES encryption(with the key that the client has access to) makes it even worse, as someone knew this shouldn't be shared to client yet they shared it anyway.
If you’ve ever worked with Indian outsourcing firms it’s not
The fact that it's nicely commented is even more so. Check out the other environment configs commented out, are they doing this by hand? Wild.
That’s exactly the kind of work I’d expect from TCS, I’m not sure why you are surprised.
Even more importantly, why do the root keys expose EVERYTHING? Do they just have one account for all of their infra?
Sending it with AES encryption(with the key that the client has access to) makes it even worse, as someone knew this shouldn't be shared to client yet they shared it anyway.
If you’ve ever worked with Indian outsourcing firms it’s not