https://www.chenk.top/en/tags/kms/Recent content in KMS on Chen Kai BlogHugoenSun, 03 May 2026 09:00:00 +0000https://www.chenk.top/en/aliyun-fullstack/06-ram-security/Sun, 03 May 2026 09:00:00 +0000https://www.chenk.top/en/aliyun-fullstack/06-ram-security/<p>I once found a DashScope API key hardcoded in a public GitHub repo. It was mine. Someone had forked a demo I pushed months earlier, and the key was sitting in a config file I forgot to gitignore. By the time I noticed, the key had been used to generate 14,000 Qwen API calls in a single weekend. The bill was not catastrophic — DashScope per-token pricing is forgiving — but the lesson was. I had treated cloud security as something I would figure out later. &ldquo;Later&rdquo; arrived as a billing alert at 2 AM on a Sunday.</p>https://www.chenk.top/en/terraform-agents/06-llm-gateway-and-secrets/Sun, 22 Mar 2026 09:00:00 +0000https://www.chenk.top/en/terraform-agents/06-llm-gateway-and-secrets/<p>A pattern I see repeatedly in immature agent stacks: each agent has its own copy of <code>OPENAI_API_KEY</code> in its own <code>.env</code> file. Sometimes the same key, sometimes different ones, sometimes a colleague&rsquo;s personal key from when they prototyped. When the bill arrives nobody can tell which agent caused which token spend, and when a key leaks (it always does) you&rsquo;re playing whack-a-mole across a dozen <code>.env</code> files.</p> <p>The real wake-up call hit me two years ago. A contractor finished his three-month engagement on a Friday, his laptop went home, and on the following Tuesday DashScope billing flagged 12 million tokens of <code>qwen-max</code> traffic from an IP we didn&rsquo;t recognise. His personal API key — copy-pasted into a side project — was still sitting in our agent&rsquo;s <code>.env</code>. Rotating it took six hours: three engineers, four repos, two CI pipelines, one panicked Slack thread. Never again.</p>