I am developing a web application that uses Amazon Web Services. I am using ASP.NET MVC. I also use several Amazon Web Serivces including S3, EC2 and SQS. I am planning to hire freelancers to help the development. Now I put the Amazon Web Service key and secret in the web.config file and it is connected to my credit card. I am using hosted SVN source control, and TeamCity for automatic build and testing.
The question is, is there a way the freelancer can checkout the code and do testing, without knowing the sensitive information like the AWS key and secret? Should I put it in a different file? Should I put it in the database and encrypt it?