What is the ideal 1password "object" or "entity" to use with CLI for automation purpose w/o sensitiv
I just learned about the existence of CLI and once again thank you all for this awesome product.
As a longtime simple 1password user, I see this opening up to manage secrets for all cloud automation workflows.
Being brand new to the CLI product, my concern is I don't want "CLI" to access or replicate all of my sensitive secretes (finance, personal live, social media accounts, etc) on some hosted Cloud instances.
I don't see a clear documentation in the CLI documentation that provides clear instructions on how to create, authorize, designate ONLY "cloud automation secrets" that limits the scope of replication and accessibilities to non-cloud automation secrets? Maybe I have overlooked something or better search keywords. Any references to this topic will be greatly appreciated.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:type of 1password account scope
Comments
Team Member
Hi @cequencer,
Thanks for checking out the CLI. We'd love to hear about your experience with this use case if you get it up and running.
Regarding what would get replicated or even just downloaded/decrypted on a cloud-hosted instance... the recommendation there would be to create a another 1Password user that has a more limited set of vaults. You could even consider creating a Guest account which wouldn't get access to your Shared vault nor would it get its own Private vault. This would require a 1Password Families, Teams or Business account.
Cheers.
Rick