AWS Secrets Manager Boosts Database Security, Password Management
Amazon Web Services (AWS) has launched AWS Secrets Manager, a service that enables end users to manage access to “secret” applications and IT resources.
Secrets Manager allows users to store and retrieve secrets via application programming interface (API) or the AWS Command Line Interface (CLI), according to a prepared statement. It also empowers users to rotate their credentials with built-in or custom AWS Lambda serverless computing platform functions.
What Does Secrets Manager Offer?
Key features of Secrets Manager include:
- Centralized Auditing and Protection: Allows users to secure secrets by encrypting them with encryption keys that can be managed via the AWS Key Management Service (KMS).
- Identity and Access Management (IAM): Allows users to set up IAM policies to manage access to secrets.
- Logging and Monitoring: Integrates with AWS’s logging and monitoring services for centralized auditing.
- Rotating Credentials: Enables users to rotate secrets safely without the need for code deployment.
Ultimately, Secrets Manager helps users manage application secrets like database credentials, passwords or APIs, the company said. It also features pay-as-you-go pricing, and users pay for the number of secrets managed in Secrets Manager and the number of Secrets Manager API calls made.
Secrets Manager is now available in the following AWS regions:
- US East (N. Virginia).
- US East (Ohio).
- US West (N. California).
- US West (Oregon).
- Asia Pacific (Mumbai).
- Asia Pacific (Seoul).
- Asia Pacific (Singapore).
- Asia Pacific (Sydney).
- Asia Pacific (Tokyo).
- Canada (Central).
- EU (Frankfurt).
- EU (Ireland).
- EU (London).
- South America (São Paulo).
With Secrets Manager, secrets are priced at $0.40 per month, per secret and $0.05 per 10,000 API calls.
Are AWS Cloud Data Leaks Becoming Commonplace?
Secrets Manager may help AWS users secure their secrets like never before. That could prove to be exceedingly important in the wake of several recent AWS cloud leaks that involved user account error rather than actual vulnerabilities.
Notable AWS cloud leaks that have occurred over the past few months include:
- Walmart: Security researchers last month discovered an Amazon Simple Storage Service (S3) bucket that contained the personal data of more than 1.3 million Walmart customers in the United States and Canada.
- FedEx: An unsecured FedEx Amazon S3 cloud server was discovered in February that contained over 119,000 scanned documents related to U.S. and international citizens.
- Accenture Cloud: Accenture Cloud intellectual property (IP) was exposed via an AWS cloud leak; the leak was discovered in September.
AWS has been named a leader in Gartner‘s Magic Quadrant for infrastructure-for-a-service (IaaS) for seven consecutive years. The company’s cloud services platform is leveraged by millions of users worldwide and offers compute power, database storage, content delivery and other capabilities.