AWS Security Blog

Category: AWS Secrets Manager

Manage your AWS Directory Service credentials using AWS Secrets Manager

AWS Secrets Manager helps you protect the secrets that are needed to access your applications, services, and IT resources. With this service, you can rotate, manage, and retrieve database credentials, API keys, OAuth tokens, and other secrets throughout their lifecycle. The secret value rotation feature has built-in integration for services like Amazon Relational Database Service […]

Read More

How to use AWS Secrets & Configuration Provider with your Kubernetes Secrets Store CSI driver

April 29, 2021: We’ve updated the order of the commands in Step 1. April 23, 2021: We’ve updated the commands in Steps 1 and 5 and in the “Additional Features” section. AWS Secrets Manager now enables you to securely retrieve secrets from AWS Secrets Manager for use in your Amazon Elastic Kubernetes Service (Amazon EKS) […]

Read More

How to replicate secrets in AWS Secrets Manager to multiple Regions

On March 3, 2021, we launched a new feature for AWS Secrets Manager that makes it possible for you to replicate secrets across multiple AWS Regions. You can give your multi-Region applications access to replicated secrets in the required Regions and rely on Secrets Manager to keep the replicas in sync with the primary secret. […]

Read More

Use AWS Secrets Manager to simplify the management of private certificates

AWS Certificate Manager (ACM) lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with Amazon Web Services (AWS) services and your internal connected resources. For private certificates, AWS Certificate Manager Private Certificate Authority (ACM PCA) can be used to create private CA hierarchies, including root […]

Read More

How to enhance Amazon CloudFront origin security with AWS WAF and AWS Secrets Manager

Whether your web applications provide static or dynamic content, you can improve their performance, availability, and security by using Amazon CloudFront as your content delivery network (CDN). CloudFront is a web service that speeds up distribution of your web content through a worldwide network of data centers called edge locations. CloudFront ensures that end-user requests […]

Read More

Identify, arrange, and manage secrets easily using enhanced search in AWS Secrets Manager

AWS Secrets Manager now enables you to search secrets based on attributes such as secret name, description, tag keys, and tag values. With this launch, you can easily identify, arrange, and manage your secrets into logical groups that can then be used by specific applications, departments, or employees. For example, you can use the Secrets […]

Read More

How to use resource-based policies in the AWS Secrets Manager console to securely access secrets across AWS accounts

AWS Secrets Manager now enables you to create and manage your resource-based policies using the Secrets Manager console. With this launch, we are also improving your security posture by both identifying and preventing creation of resource policies that grant overly broad access to your secrets across your Amazon Web Services (AWS) accounts. To achieve this, […]

Read More

How to track changes to secrets stored in AWS Secrets Manager using AWS Config and AWS Config Rules

On April 20th, AWS Config announced support for AWS Secrets Manager, making it easier to track configuration changes to the secrets you manage in AWS Secrets Manager. You can now use AWS Config to track changes to secrets’ metadata — such as secret description and rotation configuration, relationship to other AWS sources such as the […]

Read More

How to use AWS Secrets Manager to securely store and rotate SSH key pairs

August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. October 4, 2019: We’ve updated the estimated solution cost for accuracy. AWS Secrets Manager provides […]

Read More

How to securely provide database credentials to Lambda functions by using AWS Secrets Manager

As a solutions architect at AWS, I often assist customers in architecting and deploying business applications using APIs and microservices that rely on serverless services such as AWS Lambda and database services such as Amazon Relational Database Service (Amazon RDS). Customers can take advantage of these fully managed AWS services to unburden their teams from […]

Read More