This is an excellent point. All security, for every system in the stack, should be as restricted as possible.
I mostly work on large scale SaaS applications. We never let our application code create or destroy database assets on deployment. Typically we commit db migration scripts with the code but run those migrations separate from the app deployments under a special user account.
Most of the places this is hyped one size fits all kind of concepts.
I just saw this post on server side. Thought of sharing that it is not just wise to fall in because technology widget enable it.
This is an excellent point. All security, for every system in the stack, should be as restricted as possible.
I mostly work on large scale SaaS applications. We never let our application code create or destroy database assets on deployment. Typically we commit db migration scripts with the code but run those migrations separate from the app deployments under a special user account.
True Matthew,
Most of the places this is hyped one size fits all kind of concepts.
I just saw this post on server side. Thought of sharing that it is not just wise to fall in because technology widget enable it.
theserverside.com/video/3-ways-to-...