Question about security / ssl of VM created with gce_vm()

[ben519]

Hey Mark, I have (probably) a dumb question..

Suppose I create a VM like

vm1 <- gce_vm(
  template = "rstudio",
  name = "myvm",
  username = "hello",
  password = "A8NW26!msi?s>",
  predefined_type = "n1-standard-1"
)

I've always just assumed this would be "secure", but I usually access the VM via a public IP which is not SSL encrypted.

So, if I were to pull my project from github onto this VM using a secret github access token, someone could steal my token, correct?

How do you deal with this issue? Should I give the IP an SSL certificate? If so, can you point me in the right direction for learning how to do this?

Thanks!

[MarkEdmondson1234]

Http connections can be intercepted potentially but this doesn't necessarily mean your RStudio password is insecure for example, or any user can see your data. I can't give security advice over GitHub issue but consider your use case, perhaps the risk is low. There are methods to vastly improve various aspects, such as https but that on its own by no means guarantees security

[ben519]

Thanks, I'll send you a follow up email.