Secrets Manager
Owner | |
---|---|
Verification | |
Tags | |
Last edited time |
Meant to store secrets (Passwords, API keys) , can rotate every X days using Lambda
works with DB’s (RDS, Dynamo) , CloudFormation and more
can control access to secrets (cross account) using Resource based policy
(more expensive than parameter store , auto rotation , must use KMS)
Dynamic references: specify external values that are stored and managed in other services, such as the Parameter Store, in your stack templates. When you use a dynamic reference, CloudFormation retrieves the value of the specified reference when necessary during stack and change set operations.