Command Palette

Search for a command to run...

AWS Secrets Manager logo
In category [Database]

AWS Secrets Manager

position in category
#16

Managed service for centrally storing, retrieving, and rotating database credentials, API keys, and other sensitive configuration. Encrypts secrets at rest with keys you control in KMS, controls access via IAM, and automates rotation without redeploying applications.

Adopted by enterprises building on AWS for compliance requirements including HIPAA, PCI-DSS, FedRAMP, and DoD CC SRG. Differentiates from self-hosted options like HashiCorp Vault by removing operational overhead, from Parameter Store by focusing on rotation and cross-service integrations, and from environment-variable approaches by enabling audit trails and centralized management.

Key features:

  • Automatic rotation for RDS, DocumentDB, Redshift, and third-party providers such as Salesforce and Snowflake
  • Cross-region replication for disaster recovery and multi-region apps
  • Programmatic retrieval via SDK, CLI, or VPC endpoints with optional client-side caching
  • Native integration with Lambda, ECS, EKS, Glue, SageMaker, and dozens of other AWS services
  • CloudTrail auditing and CloudWatch alerts for rotation and usage

Use cases span database credential management for apps and data pipelines, API key storage for microservices, and secure injection into CI/CD via GitHub Actions or CodeBuild. Developers retrieve secrets at runtime instead of baking them into images or config files, while ops teams enforce rotation schedules and monitor access through a single control plane.

GitHub Repositories
6
-93.4%
Trending down this week
Removed in 85 repos