AWS Database Blog

Category: AWS Secrets Manager

Securely assess database schema migrations using AWS SCT, Amazon RDS for Oracle, and AWS Secrets Manager

Database migration is a multi-step process comprising assess, mobilize, and modernize phases with different tools and technologies involved. You can use tools such as AWS Schema Conversion Tool (AWS SCT) and AWS Database Migration Service (AWS DMS) to accelerate each of these phases. An important part of AWS SCT is the report that it […]

Multi-user secrets rotation for Amazon RDS

Most database deployments have multiple database users who have varying degrees of privilege on the data stored in the database, database structure, and administrative operations. In multi-user database environments, it’s important to grant and limit the privileges of different users based on their roles and needs. It’s also a best practice to limit the lifespan […]

Manage your AWS DMS endpoint credentials with AWS Secrets Manager

When configuring AWS Database Migration Service (AWS DMS) endpoints, you previously had to maintain the source and target credentials in plain text. In December 2020, we announced the integration of AWS DMS and AWS Secrets Manager, which allows you to take advantage of the built-in credential management capability in Secrets Manager to manage, retrieve, and […]

Create an AWS DMS endpoint to a trusted third-party account via AWS Secrets Manager integration

When configuring AWS Database Migration Service (AWS DMS) endpoints, you previously had to maintain the source and target credentials, including auditing, updating, and rotating the database credentials themselves. On December 22, 2020, we announced the integration of AWS DMS and AWS Secrets Manager, which now allows you to manage and automatically rotate the source and […]

Use Python SQLAlchemy ORM to interact with an Amazon Aurora database from a serverless application

As organizations work to modernize their traditional applications to an event-driven, serverless model, a question that comes up frequently is how the object-relational mapping (ORM) layer should be managed. Packaging it with AWS Lambda functions increases its size and adds a cognitive burden on the development team to track. In addition, many organizations have requirements […]

Integrate Amazon Managed Blockchain identities with Amazon Cognito

When you authenticate with a web or mobile application, you typically do so with a username and password where you’re authenticated against a user database such as Amazon Cognito. You’re expected to secure your password and rotate it periodically or when it has been compromised. When you’re building a user-facing application that is running on […]

Manage AWS ElastiCache for Redis access with Role-Based Access Control, AWS Secrets Manager, and IAM

October 2022: This post was reviewed and updated with a new architecture diagram and code updates to factor the change from CDK 1.x to CDK 2.x. Amazon ElastiCache for Redis is an AWS managed, Redis-compliant service that provides a high-performance, scalable, and distributed key-value data store that you can use as a database, cache, message […]

Design patterns to access cross-account secrets stored in AWS Secrets Manager

This post discusses cross-account design options and considerations for managing Amazon Relational Database Service (Amazon RDS) secrets that are stored in AWS Secrets Manager. Amazon RDS is a managed service that makes it easy to set up, operate, and scale a relational database on AWS. Secrets Manager helps you securely store, encrypt, manage, rotate, and […]