{"id":539,"date":"2018-06-07T15:23:30","date_gmt":"2018-06-07T20:23:30","guid":{"rendered":"https:\/\/www.onlc.com\/blog\/?p=539"},"modified":"2018-06-07T15:23:30","modified_gmt":"2018-06-07T20:23:30","slug":"aws-secrets-manager","status":"publish","type":"post","link":"https:\/\/www.onlc.com\/blog\/aws-secrets-manager\/","title":{"rendered":"What is AWS Secrets Manager?"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">AWS Secrets Manager is a method of securely storing all of your Amazon Web Services cloud computing secrets to protect access to your apps, services, and resources. Secrets Manager enables you to securely store, rotate, manage and easily retrieve credentials to databases, API keys and other types of security credentials for various IT resources. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Instead of hardcoding credentials and trying to manually secure them with encryption in your application, secure information can be easily retrieved by making API calls to <\/span><a href=\"https:\/\/www.onlc.com\/aws-training-classes.htm\" target=\"_blank\"><span style=\"font-weight: 400;\">AWS Secrets Manager<\/span><\/a><span style=\"font-weight: 400;\">. Additionally, built-in integration with Amazon RDS for MySQL, Amazon Aurora, and PostgreSQL will automatically rotate your secure info. Let\u2019s look at some of the features that make AWS Secrets Manager such a helpful and revolutionary tool.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Secret Rotation<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">AWS Secrets Manager safely rotates secure info (or secrets) without requiring new software deployment, which will help you meet security and compliance requirements. There is also built-in integration with the most popular cloud database products that rotate secrets automatically. Lastly, you can customize Lambda functions to extend secrets rotation to your API keys and OAuth tokens that can be used to authenticate mobile application users. This ensures that everyone is using the latest version of your secrets.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Fine-grained Policy Access Management<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Access Management (IAM) policies and fine-grained AWS Identity allow you to manage secret access. You can use these policies to retrieve secrets for specific environments, so you can differentiate your secrets when deploying applications to other environments without code changes and multiple versions of configuration files. This helps avoid deployment mistakes when the developer forgets to change the credentials for the different environments. Policies can be set up to let the Secrets Manager know which secret to retrieve based on where the request is coming from on the network.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Centralized Secrets Auditing<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Secrets can be encrypted with keys that can be managed using AWS Key Management Service (KMS). Integration with logging and monitoring services provided by AWS allows for centralized auditing. For example, you can easily track down when a secret is rotated by examining the AWS CloudTrail logs. You can also set up notifications when events occur, such as when administrators add or delete secrets.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Easy Service Pay Plans<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">AWS Secrets Manager offers a pay as you go pricing model that can save tons in upfront infrastructure costs and ongoing maintenance payments. You only pay for the number of secrets you store and the number of API calls that are made to Secrets Manager. This gives you the ability to grow instantly with their high-availability setup since everything is hosted in the cloud.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">AWS Secrets Manager is very easy to setup up with the wizard provided by Amazon. There are really helpful <\/span><a href=\"https:\/\/docs.aws.amazon.com\/secretsmanager\/latest\/userguide\/tutorials_basic.html\" target=\"_blank\"><span style=\"font-weight: 400;\">step-by-step tutorials<\/span><\/a><span style=\"font-weight: 400;\"> and good documentation provided as well. The actual application is easily configured, but if you want to learn more about secrets management and security, you should really consider obtaining training to further your AWS knowledge. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">The best way to obtain training is through an established and trusted training center such as ONLC. We have more than 300 learning centers across the country, making it easier than ever to attend our training and certification courses. <\/span><a href=\"https:\/\/www.onlc.com\/contact-onlc.htm\" target=\"_blank\"><span style=\"font-weight: 400;\">Contact us today<\/span><\/a><span style=\"font-weight: 400;\"> to see how you can wield the power of AWS Secrets Manager and effectively secure all of your applications.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>AWS Secrets Manager is a method of securely storing all of your Amazon Web Services cloud computing secrets to protect access to your apps, services, and resources. Secrets Manager enables you to securely store, rotate, manage and easily retrieve credentials to databases, API keys and other types of security credentials for various IT resources. Instead [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":540,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[7],"tags":[],"class_list":["post-539","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-certifications"],"aioseo_notices":[],"modified_by":"blogadmin","_links":{"self":[{"href":"https:\/\/www.onlc.com\/blog\/wp-json\/wp\/v2\/posts\/539","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.onlc.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.onlc.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.onlc.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.onlc.com\/blog\/wp-json\/wp\/v2\/comments?post=539"}],"version-history":[{"count":2,"href":"https:\/\/www.onlc.com\/blog\/wp-json\/wp\/v2\/posts\/539\/revisions"}],"predecessor-version":[{"id":542,"href":"https:\/\/www.onlc.com\/blog\/wp-json\/wp\/v2\/posts\/539\/revisions\/542"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.onlc.com\/blog\/wp-json\/wp\/v2\/media\/540"}],"wp:attachment":[{"href":"https:\/\/www.onlc.com\/blog\/wp-json\/wp\/v2\/media?parent=539"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.onlc.com\/blog\/wp-json\/wp\/v2\/categories?post=539"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.onlc.com\/blog\/wp-json\/wp\/v2\/tags?post=539"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}