Posted On: Oct 1, 2020
AWS Secrets Manager has been authorized by the Defense Information Systems Agency (DISA) under DoD’s Cloud Computing Security Requirements Guide (DoD CC SRG) at Impact Levels (IL) 4 and IL 5 in the AWS GovCloud (US) Regions. With this authorization, DoD Mission Owners can now use Secrets Manager to support unclassified National Security Systems (NSS) and mission critical information.
Secrets Manager enables you to retrieve and manage “secrets,” such as database credentials and API keys, throughout their lifecycle. Secrets Manager makes it easier to follow the security best practice of using short-term secrets by rotating secrets safely on a schedule that you determine. For example, you can configure AWS Secrets Manager to rotate a database credential daily, turning a typical, long-term secret into a short-term secret that is automatically rotated. Secrets Manager also helps you meet your NIST 800-53 requirements for encryption of and least privilege access to your secrets. For example, Secrets Manager encrypts your secrets automatically and enables you to manage access to secrets using fine-grained AWS Identity and Access Management (IAM) policies and Resource-based policies.
In addition to being authorized for IL4 and IL5 workloads, Secrets Manager is compliant with U.S. Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS, the System and Organizational Controls (SOC), the Federal Risk and Authorization Management Program (FedRAMP), the International Organization for Standardization (ISO), the Information Security Registered Assessors Program (IRAP), and the Outsourced Service Provider Audit Report (OSPAR) compliance regimes. To learn more about Secrets Manager, visit the AWS Secrets Manager home page or take a look at the Secrets Manager documentation.