current configuration:we currently have a one-to-one-to-one relationship between credentials-product-proxy
we are considering having credentials applying to more than one proxy
Pros:
- Client only has to maintain one set of credentials for SPG services (new ones, at least) per environment
Cons:
- Security risk increases a bit when you have one set of credentials for multiple, unrelated services
- if key is compromised have to rotate keys again on all services