Secret Manager
Last updated
Last updated
|
help you manage, retrieve, or rotate secrets
, such as
application credentials
OAuth tokens
API keys
database credentials (RDS, DocumentDB, Redshift cluster, etc.)
Type
Service
AWS Credentials
IAM
Encryption keys
AWS Key management service
SSH
EC2 Instance Connect
Private keys and certificates
AWS Certificate manager
Force rotation after X days
Automate generate of secret using Lambda
replicate secrets to multiple regions
keep replicated secrets in sync with primary secrets.
Use cases:
in multi-region app, you also need multi-region secret, so you can access that app with the same secret.
Secrets are ecrypted using KMS
If the data is not a secret, do not use Secret Manager. Because SM is a paid service. You pay money for someone take care of your secrets, so if not -> not worth the money.
Get random pass like this