Part of the H0: Hack the Zero Stack submission. See the project on Devpost.

Every hackathon submission that uses AWS from Vercel usually starts the same way: "paste your AWS_ACCESS_KEY_ID into Vercel's environment variables." It's easy, and it works. It's also the single most common cause of cloud supply-chain attacks.

Major breaches like SolarWinds or the Toyota customer leak often start with a static credential that someone forgot to rotate, or accidentally checked into a code repository.

For the H0 hackathon, I built FarmOps Desk on Vercel + Aurora PostgreSQL + Bedrock. My goal was strict security: Zero static AWS credentials anywhere in the project, deployment, or CI pipeline.

Here is how I made the entire application "keyless."