Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

readme: Link to 'Service Account' #3

Merged
merged 1 commit into from
Nov 12, 2024
Merged

readme: Link to 'Service Account' #3

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ Manage secrets for NixOS with 1Password natively with a NixOS module.
## Security

With this setup, you should only need one unencrypted secret on your machine; your 1Password Service Account token.
With this setup, you should only need one unencrypted secret on your machine; your [1Password Service Account](https://developer.1password.com/docs/service-accounts/) token.
You should set your Service Account token to have the _absolute minimum required permissions._ Usually this means read-only
access to only a single vault in which your server secrets are kept. You should set an expiration on the token and
[rotate it regularly](https://developer.1password.com/docs/service-accounts/manage-service-accounts/#rotate-token).
Expand Down
Loading