Automated Secret Rotation
AWS Secrets Manager provides built-in support for automatic rotation of secrets, which enhances security by frequently changing passwords and other sensitive information.
Centralized Secret Management
You can manage all your secrets from a single location, simplifying the process of keeping track of credentials, API keys, and other sensitive data across various applications and services.
Integration with AWS Services
AWS Secrets Manager is well integrated with other AWS services such as RDS, Redshift, and IAM, making it easier to manage and retrieve secrets within the AWS ecosystem.
Fine-Grained Access Control
Secrets Manager uses AWS IAM policies for fine-grained access control, letting you define precisely who can access specific secrets.
Secure Secret Storage
Secrets are stored securely using encryption standards provided by AWS Key Management Service (KMS), ensuring that the data is protected both at rest and in transit.
Audit and Compliance
AWS Secrets Manager facilitates compliance with regulatory requirements by providing logging and monitoring capabilities, enabling you to track access and changes to secrets.
A Hardened Channel for Sensitive Communication: While dedicated secrets management tools (like HashiCorp Vault, AWS Secrets Manager, etc.) are essential for storing and managing application secrets, secure E2EE email provides a significantly safer channel for human-to-human communication that might involve discussing sensitive topics, sharing unavoidable one-off credentials (with immediate rotation plans), or... - Source: dev.to / 20 days ago
Some data sources are protected by some form of credentials. Unless the data source is a public website or stored in another AWS resource such as Amazon S3, Kendra or your custom data source will need credentials to fetch data. In either case, AWS Secrets Manager can be used to securely manage your credentials. - Source: dev.to / about 1 month ago
In this example, we need to set up two AWS Lambda, AWS Secrets Manager and Amazon DynamoDB resources. - Source: dev.to / about 1 month ago
You have to handle secrets like API keys and passwords carefully. Instead of hardcoding them into your code, you should use secure secrets management tools like HashiCorp Vault or AWS Secrets Manager. Additionally, following API key authentication best practices ensures secure handling of sensitive credentials. This keeps sensitive information protected and reduces the risk of accidental leaks. - Source: dev.to / about 1 month ago
Credential Management: Avoid storing sensitive data like access keys directly, utilizing AWS Secrets Manager, or using environment variables. - Source: dev.to / 3 months ago
Integration with External Systems: Kubernetes External Secrets can integrate with tools like HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, and Google Cloud Secret Manager. For instance, to use HashiCorp Vault: - Source: dev.to / 4 months ago
Cloud platforms provide tools like AWS Secrets Manager, Azure Key Vault, and Google Cloud Secret Manager for exactly this purpose. These services, which evolved from patterns Mitchell Hashimoto pioneered with Vault in 2015, store and encrypt your configuration. - Source: dev.to / 5 months ago
Secure Secrets: Consider using Terraform’s Sensitive Variables or integrating with secret management tools like AWS Secrets Manager or HashiCorp Vault. - Source: dev.to / 5 months ago
We have a basic settings class that needs to load data from Environment variables, parameter store and secrets manager. - Source: dev.to / 9 months ago
Edit WhatsApp configuration values in Facebook Developer in AWS Secrets Manager console. - Source: dev.to / about 1 year ago
If you’re asking yourself where you should be keeping secrets, you should be using a secrets manager. Two examples include Doppler (https://doppler.com). - Source: Hacker News / about 1 year ago
A secrets management service would be most convenient. Documentation makes them easy to set up without having to build anything extra yourself. A secrets manager like Doppler (https://Doppler.com) has the advantage of protecting your secrets in a secure place and the advantage of minimizing exposure of those secrets - even to your own developers. That way, you don't end up with a data breach that could have easily... - Source: Hacker News / about 1 year ago
It seems like they made a lot of assumptions that something like this wouldn't happen. They assumed employees would never leak secret information, and that their GitHub repos would never be exposed. They could've used https://doppler.com and never had this problem. It's a little too easy to get comfortable thinking things work well the way they are. This should be a warning to other companies to seriously... - Source: Hacker News / about 1 year ago
AWS Secrets Manager is a fully managed service that simplifies the storage and retrieval of secrets within the AWS ecosystem. It integrates seamlessly with Kubernetes deployments, providing a scalable and secure solution for secret management. - Source: dev.to / over 1 year ago
So we create a connection first and specify authorization pattern, which is API key in this case. EventBridge Connections uses Secrets Manager to store the key. - Source: dev.to / over 1 year ago
AWS gives two sensible options - Systems Manager Parameter Store or AWS Secrets Manager. There are pros and cons to both options, but understand that Parameter Store is just as secure as Secrets Manager, provided you use the SecureString parameter type. More info here. - Source: dev.to / over 1 year ago
If you have noticed, you are setting secrets in plain text on the application-configmap.yml file, which is not ideal and is not a best practice for security. The best way to do this securely would be to use AWS Secrets Manager, an external service like HashiCorp Vault, or Sealed Secrets. To learn more about these methods see the blog post Shhhh... Kubernetes Secrets Are Not Really Secret!. - Source: dev.to / over 1 year ago
In this post, I described how to build secure GitHub Actions workflows by using the pull_request_target event instead of the pull_request event. Using pull_request_target, you can prevent malicious code from being executed in CI. And by managing secrets in secrets management services such as AWS Secrets Manager and Google Secret Manager and accessing them via OIDC, you can restrict access to secrets securely. To migrate... - Source: dev.to / over 1 year ago
Secret Management: Securely stores sensitive configuration data and secrets using tools like AWS Secrets Manager or HashiCorp Vault. Avoid hardcoding secrets in code or configuration files. - Source: dev.to / over 1 year ago
Do not add secrets into your repository. Instead use an environment file or a Secrets Management Service like AWS Secrets Manager. - Source: dev.to / almost 2 years ago
So we are better off adding the secrets to a central place like Parameter Store or Secrets Manager. - Source: dev.to / almost 2 years ago
This is an informative page about AWS Secrets Manager. You can review and discuss the product here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouraged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.