Amazon RDS announces integration with AWS Secrets Manager in the AWS GovCloud (US) Regions
Amazon RDS now supports integration with AWS Secrets Manager in the AWS GovCloud (US) Regions to streamline how you manage your master user password for your RDS database instances. With this feature, RDS fully manages the master user password and stores it in AWS Secrets Manager whenever your RDS database instances are created, modified, or restored. The new feature supports the entire lifecycle maintenance for your RDS master user password including regular and automatic password rotations; removing the need for you to manage rotations using custom Lambda functions.
RDS integration with AWS Secrets Manager improves your database security by ensuring your RDS master user password is not visible in plaintext to administrators or engineers during your database creation workflow. Furthermore, you have flexibility in encrypting the secrets using your own managed key or by using a KMS key provided by AWS Secrets Manager. RDS and AWS Secrets Manager provide you the ease and security in managing your master user password for your database instances, relieving you from complex credential management activities such as setting up custom Lambda functions to manage password rotations.
For more information on this feature on RDS and Aurora engines, versions, and region availability, please refer to the RDS and Aurora user guides.