feat[security]: Don't use environment configurations unless explicitly enabledΒ #514
Description
Currently some services, such as Azure-Storage, have no option to disable the use of workload identities.
This is a security risk as any binary that includes reqsign can access, without further configurations, files, the host machine has access to. For server applications this is problematic.
Instead, we should opt to a secure default, that is, users must specify credentials explicitly. Environment Credentials must be opt-in for security reasons alone, just like they are in all Cloud SDKs.
I think we should start by adding options to disable environment configuration first (Just like S3 which already has it), and switch to secure defaults in the next major release.