Table of contents
Edit WhatsApp configuration values in Facebook Developer in AWS Secrets Manager console. - Source: dev.to / about 2 months ago
If you’re asking yourself where you should be keeping secrets, you should be using a secrets manager. Two examples include Doppler (https://doppler.com). - Source: Hacker News / 2 months ago
A secrets management service would be most convenient. Documentation makes them easy to set up without having to build anything extra yourself. A secrets manager like Doppler (https://Doppler.com) has the advantage of protecting your secrets in a secure place and the advantage of minimizing exposure of those secrets - even to your own developers. That way, you don't end up with a data breach that could have easily... - Source: Hacker News / 3 months ago
It seems like they made a lot of assumptions that something like this wouldn't happen. They assumed employees would never leak secret information, and that their GitHub repos would never be exposed. They could've used https://doppler.com) and never had this problem. It's a little too easy to get comfortable thinking things work well the way they are. This should be a warning to other companies to seriously... - Source: Hacker News / 3 months ago
AWS Secrets Manager is a fully managed service that simplifies the storage and retrieval of secrets within the AWS ecosystem. It integrates seamlessly with Kubernetes deployments, providing a scalable and secure solution for secret management. - Source: dev.to / 4 months ago
So we create a connection first and specify authorization pattern, which is API key in this case. EventBridge Connections uses Secrets Manager to store the key. - Source: dev.to / 5 months ago
AWS gives two sensible options - Systems Manager Parameter Store or AWS Secrets Manager. There are pros and cons to both options, but understand that Parameter Store is just as secure as Secrets Manager, provided you use the SecureString\ parameter type. More info here. - Source: dev.to / 5 months ago
If you have noticed, you are setting secrets in plain text on the application-configmap.yml file, which is not ideal and is not a best practice for security. The best way to do this securely would be to use AWS Secrets Manager, an external service like HashiCorp Vault, or Sealed Secrets. To learn more about these methods see the blog post Shhhh... Kubernetes Secrets Are Not Really Secret!. - Source: dev.to / 5 months ago
In this post, I described how to build secure GitHub Actions workflows by pull_request_target event instead of pull_request event. Using pull_request_target, you can prevent malicious codes from being executed in CI. And by managing secrets in secrets management services such as AWS Secrets Manager and Google Secret Manager and access them via OIDC, you can restrict the access to secrets securely. To migrate... - Source: dev.to / 6 months ago
Secret Management: Securely stores sensitive configuration data and secrets using tools like AWS Secrets Manager or HashiCorp Vault. Avoid hardcoding secrets in code or configuration files. - Source: dev.to / 7 months ago
Do not add secrets into your repository. Instead use an environment file or a Secrets Management Service like AWS Secrets Manager. - Source: dev.to / 10 months ago
So we are better off adding the secrets to a central place like Parameter Store or Secrets Manager. - Source: dev.to / 9 months ago
Security and secrets management - Experience with tools like AWS Secrets Manager, AWS Key Management Service (KMS), AWS Web Application Firewall (WAF) for secure secrets management and overall system security adds an extra layer of expertise to the QA Engineer's skill set. - Source: dev.to / 10 months ago
AWS Secrets Manager is a cloud service offered by AWS which can help to securely manage, retrieve, and rotate database credentials, API keys, and other secrets throughout their lifecycles. - Source: dev.to / 12 months ago
You can probably use GitHub secrets, yes. Depending on your deployment flow there could be other solutions: check out doppler maybe, maybe you can use ansible or similar automation tool, maybe you can use a secret manager like AWS or similar. Source: about 1 year ago
Environment Variables are familiar to most developers and work identically between your local machine and AWS. But for anything secure, or that needs to be used across multiple Lambda functions, it's worth checking out AWS Systems Manager Parameter Store, AWS Secrets Manager, or AWS AppConfig. It removes many future headaches, and helps your security team sleep at night. - Source: dev.to / about 1 year ago
Sometimes you need to access something from a different AWS account. It is called cross account access. For example, you may want to get a secret from the secrets manager. By default, it is not possible, but AWS comes with a solution. You can assume the role that has permission to the actions you want to do. Once you do this, you can act on the other account. - Source: dev.to / about 1 year ago
Managing and securing application secrets is a crucial part of any cloud-native application. AWS offers two primary services: the Systems Manager (SSM) Parameter Store and the more recent Secrets Manager. - Source: dev.to / about 1 year ago
Store the Secrets in a vault like Hashicorp Vault, AWS Secrets Manager, GCP Secret Manager, etc., and then use an operator like External Secrets Operator to add them to your K8s cluster. - Source: dev.to / about 1 year ago
AWS Secrets Manager: a secrets management service that helps you protect access to your applications, services, and IT resources. This service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. - Source: dev.to / over 1 year ago
To store the token in AWS, we recommend to use the AWS Secret Manager service. Be careful to choose a plain text secret (in the AWS console select "Store a new secret", "Other type of secret" and finally "Plaintext"). Choose a key name that matches the key used in the GitHubSourceCodeProvider construct (GITHUB_TOKEN_KEY in this example). - Source: dev.to / over 1 year ago
Do you know an article comparing AWS Secrets Manager to other products?
Suggest a link to a post with product alternatives.
This is an informative page about AWS Secrets Manager. You can review and discuss the product here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.
