Posted On: Oct 1, 2020

AWS Secrets Manager has been authorized by the Defense Information Systems Agency (DISA) under DoD’s Cloud Computing Security Requirements Guide (DoD CC SRG) at Impact Levels (IL) 4 and IL 5 in the AWS GovCloud (US) Regions. With this authorization, DoD Mission Owners can now use Secrets Manager to support unclassified National Security Systems (NSS) and mission-critical information.

Secrets Manager enables you to retrieve and manage “secrets,” such as database credentials and API keys, throughout their lifecycle. Secrets Manager makes it easier to follow the security best practice of using short-term secrets by rotating secrets safely on a schedule that you determine. For example, you can configure AWS Secrets Manager to rotate a database credential daily, turning a typical, long-term secret into a short-term secret that is automatically rotated. Secrets Manager also helps you meet your NIST 800-53 requirements for encryption of, and least-privilege access to, your secrets. For example, Secrets Manager encrypts your secrets automatically and enables you to manage access to secrets using fine-grained AWS Identity and Access Management (IAM) policies and resource-based policies.