AWS Secrets Manager

Bill Wang

 

Topics

  • What is a secret?
  • What are the challenges?
  • Demo - command lines
  • Demo - retrieve the secret in your application

Secrets

  • Something that is meant to be kept unknown or unseen by others

  • In our context we’ll limit our consideration of secrets to those related to securing information

Use cases

  • Passwords
  • API secret keys
  • SSH private keys
  • CA certificates
  • ...

Challenges

  • A simple solution - managed service
  • Trusted provider with support
  • Permission - fine-grained permissions
  • SDK support

Command lines

Create secrets:

$ aws secretsmanager create-secret --name "fbi/secrets/dev" --secret-string file://dev.json

 

Get secrets:

$ aws secretsmanager get-secret-value --secret-id "fbi/secrets/dev" | jq -r .SecretString
{
  "env": "dev",
  "foo": "bar"
}

Retrieve the secret in your application
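An added example, not from the original slides, of reading the secret created above from Python with boto3's `get_secret_value`. The `SecretCache` and `StubClient` names, the 300-second TTL and the stub response are assumptions for illustration; the in-memory cache keeps repeated reads from each becoming a separate API call.

```python
import json
import time


class SecretCache:
    """Read JSON secrets via get_secret_value and cache the parsed result."""

    def __init__(self, client=None, ttl_seconds=300, clock=time.monotonic):
        if client is None:
            import boto3  # lazy import so a stub client can be injected offline
            client = boto3.client("secretsmanager")
        self._client = client
        self._ttl = ttl_seconds  # assumed value; bounds staleness after a rotation
        self._clock = clock
        self._entries = {}  # secret_id -> (expires_at, parsed secret)

    def get(self, secret_id):
        now = self._clock()
        hit = self._entries.get(secret_id)
        if hit and hit[0] > now:
            return hit[1]  # served from memory, no API call
        resp = self._client.get_secret_value(SecretId=secret_id)
        if "SecretString" not in resp:
            raise ValueError(f"secret {secret_id!r} has no SecretString")
        try:
            value = json.loads(resp["SecretString"])
        except json.JSONDecodeError:
            # "from None" keeps the decoder's error out of the printed traceback
            raise ValueError(f"secret {secret_id!r} is not valid JSON") from None
        self._entries[secret_id] = (now + self._ttl, value)
        return value


class StubClient:
    """Constructed stand-in for the boto3 client so the example runs offline."""

    def __init__(self, payload):
        self.payload = payload
        self.calls = 0

    def get_secret_value(self, SecretId):
        self.calls += 1
        return {"Name": SecretId, "SecretString": self.payload}


if __name__ == "__main__":
    stub = StubClient('{"env": "dev", "foo": "bar"}')  # constructed sample
    cache = SecretCache(client=stub)  # omit client= to use real AWS credentials
    for _ in range(3):
        config = cache.get("fbi/secrets/dev")
    print(config["env"], "API calls made:", stub.calls)
```

Print or log individual fields you need, never the whole parsed secret.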

Pricing and limits

  • Secrets Manager offers pay-as-you-go pricing.

    • $0.40 per secret per month

    • $0.05 per 10,000 API calls

  • Max length of a secret is 4K (4096 characters)
