AWS Secrets Manager

May 28, 2020 / Eternal Team

In this blog post we cover AWS Secrets Manager: what the service does, why you would need it, and how you can use it.

So what is AWS Secrets Manager?

AWS Secrets Manager protects your applications, services, and IT resources. Using Secrets Manager, you can secure and manage secrets used to access resources in the AWS Cloud, on third-party services, and on-premises.

To learn more, please visit the link below:

https://pages.awscloud.com/Getting-to-Know-AWS-Secrets-Manager_1014-SID_OD.html

Let’s look at some key features of the service:

  • Rotate secrets safely
  • Built-in integrations, extensible with Lambda
  • On-demand or automatic rotation with versioning
  • Fine-grained access policies
  • Encrypted storage
  • Monitor and audit easily

Why should I use AWS Secrets Manager?

AWS Secrets Manager protects access to your applications, services, and IT resources, without the upfront investment and ongoing maintenance costs of operating your own infrastructure.

Please refer to the link below to implement it on your own; it is easy:

https://docs.aws.amazon.com/secretsmanager/latest/userguide/managing-secrets.html

What is Secret Rotation?

AWS Secrets Manager can rotate your secrets frequently. For instance, you can change your database password every 10 days, keeping things very secure.
Secret rotation is handled through Lambda functions. AWS provides built-in Lambda functions for rotating Amazon RDS passwords. Because rotation is handled by a Lambda function, any secret can be rotated as long as a Lambda function can be written to do it.

There are two types of rotation:

  1. Self-rotation.
  2. Master/user rotation.
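
To show what "a Lambda function written to do it" involves, here is an added example (not code from the original post or from AWS) of a rotation function's step logic. It assumes the secret is a JSON document with a `password` field; `rotate`, `apply_password` and `check_password` are hypothetical names, the last two being hooks you supply for your own service.

```python
import json

def rotate(event, sm, apply_password, check_password):
    """Run one step of a rotation; Secrets Manager invokes the function once per step."""
    arn, token, step = event["SecretId"], event["ClientRequestToken"], event["Step"]
    stages = sm.describe_secret(SecretId=arn)["VersionIdsToStages"]
    if token not in stages:
        raise ValueError("version token is not attached to this secret")
    if "AWSCURRENT" in stages[token]:
        return "noop"  # this version is already live, nothing to rotate
    if "AWSPENDING" not in stages[token]:
        raise ValueError("version is not staged as AWSPENDING")

    if step == "createSecret":
        try:  # idempotent: a retried invocation reuses the pending value
            sm.get_secret_value(SecretId=arn, VersionId=token, VersionStage="AWSPENDING")
        except sm.exceptions.ResourceNotFoundException:
            live = sm.get_secret_value(SecretId=arn, VersionStage="AWSCURRENT")
            secret = json.loads(live["SecretString"])  # assumed shape: JSON with "password"
            secret["password"] = sm.get_random_password(
                PasswordLength=32, ExcludeCharacters="/@\"'\\")["RandomPassword"]
            sm.put_secret_value(SecretId=arn, ClientRequestToken=token,
                                SecretString=json.dumps(secret), VersionStages=["AWSPENDING"])
    elif step in ("setSecret", "testSecret"):
        pending = json.loads(sm.get_secret_value(
            SecretId=arn, VersionId=token, VersionStage="AWSPENDING")["SecretString"])
        # setSecret changes the credential on the service; testSecret proves it works
        (apply_password if step == "setSecret" else check_password)(pending)
    elif step == "finishSecret":
        old = next(v for v, labels in stages.items() if "AWSCURRENT" in labels)
        sm.update_secret_version_stage(SecretId=arn, VersionStage="AWSCURRENT",
                                       MoveToVersionId=token, RemoveFromVersionId=old)
    else:
        raise ValueError("unexpected rotation step: " + step)
    return step

# Deployed entry point (boto3 is provided by the Lambda Python runtime):
#   def lambda_handler(event, context):
#       return rotate(event, boto3.client("secretsmanager"), apply_password, check_password)
```

The new value only becomes `AWSCURRENT` in `finishSecret`, so a failure in `setSecret` or `testSecret` leaves applications reading the old, still valid secret.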

Let’s take a look at some use cases:

  • Managing secrets on the services that are currently integrated, e.g. MySQL, PostgreSQL, Amazon Aurora and RDS.
  • Storing, retrieving and rotating secret keys shared between different AWS resources in an account.
  • Storing, retrieving and rotating secrets at scale in an AWS environment, with IAM policies to control access to secrets.

Costing:

  • $0.40 per secret per month (prorated based on the number of hours)
  • $0.05 per 10,000 API calls
  • A 30-day trial is currently available.
  • Cost of Lambda API calls (if applicable)

Other Cost: Operational Cost/Capital Cost of updating all the application code to start using this service.

Conclusion

If you’re looking for automation and innovation, AWS Secrets Manager is an exciting new service. Basically, AWS Secrets Manager acts like a security engineer, providing multiple ways to maintain and manage secrets automatically. So what are you waiting for? It’s time to start redistributing your security tasks to AWS Secrets Manager.
