AWS and secrets (Systems Manager, Secrets Manager, Key Management Service)

As AWS has now retired the KMS service it seems the Secrets Manager took over.

As it is quite costly there is also the Systems Manager parameter store.

None of these has audit capabilities as far as I see.

Does anybody know the roadmap or what to use for which use case?

The AWS Key Management Service (KMS) is an encryption and key management service. It has certainly not been retired, and is used to manage encryption keys for services such as Amazon S3, Amazon EBS, Amazon RDS, Amazon Redshift and Amazon EMR.

The AWS Systems Manager Parameter Store provides secure, hierarchical storage for configuration data management and secrets management. In fact, the Parameter Store uses AWS KMS to manage encryption keys.

The AWS Secrets Manager makes it easier to manage secrets, including automated password rotation (in-built for Amazon RDS, or utilizing AWS Lambda for other systems).

All of these services provide auditing via AWS CloudTrail.
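To illustrate the CloudTrail auditing the answer above refers to, here is an added example (not part of the original post) that groups secret-read events from Secrets Manager, Parameter Store and KMS by caller and flags denied attempts. The sample records are constructed and trimmed to the fields the code reads; every ARN, secret name and function name is an assumption of this example.

```python
import json

SECRET_READS = {  # CloudTrail (eventSource, eventName) pairs that read a secret
    ("secretsmanager.amazonaws.com", "GetSecretValue"),
    ("ssm.amazonaws.com", "GetParameter"),
    ("kms.amazonaws.com", "Decrypt"),
}

# Constructed sample in CloudTrail log-file layout; every ARN and name is made up.
APP = "arn:aws:sts::111122223333:assumed-role/app-role/i-0abc"
DEV = "arn:aws:iam::111122223333:user/dev-user"
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-01-01T10:00:00Z", "eventSource": "secretsmanager.amazonaws.com",
     "eventName": "GetSecretValue", "userIdentity": {"arn": APP},
     "requestParameters": {"secretId": "prod/db/password"}},
    {"eventTime": "2024-01-01T10:00:01Z", "eventSource": "kms.amazonaws.com",
     "eventName": "Decrypt", "userIdentity": {"arn": APP},
     "resources": [{"ARN": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"}]},
    {"eventTime": "2024-01-01T10:05:00Z", "eventSource": "ssm.amazonaws.com",
     "eventName": "GetParameter", "userIdentity": {"arn": APP},
     "requestParameters": {"name": "/prod/api/token", "withDecryption": True}},
    {"eventTime": "2024-01-01T11:00:00Z", "eventSource": "secretsmanager.amazonaws.com",
     "eventName": "GetSecretValue", "userIdentity": {"arn": DEV},
     "errorCode": "AccessDenied", "requestParameters": {"secretId": "prod/db/password"}},
    {"eventTime": "2024-01-01T11:01:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "ListBuckets", "userIdentity": {"arn": DEV}},
]})

def target_of(event):
    """Name of the secret or parameter the event touched, else the KMS key ARN."""
    params = event.get("requestParameters") or {}
    key_arn = next((r["ARN"] for r in (event.get("resources") or []) if r.get("ARN")), "unknown")
    return params.get("secretId") or params.get("name") or key_arn

def audit_secret_access(log_text):
    """Group secret-read events by caller: {arn: [(time, action, target, outcome)]}."""
    report = {}
    for ev in json.loads(log_text)["Records"]:
        if (ev.get("eventSource"), ev.get("eventName")) not in SECRET_READS:
            continue  # not a secret read (e.g. the S3 call in the sample)
        code = ev.get("errorCode", "")
        outcome = "denied" if code.startswith("AccessDenied") else ("error" if code else "ok")
        who = (ev.get("userIdentity") or {}).get("arn", "unknown")
        report.setdefault(who, []).append((ev["eventTime"], ev["eventName"], target_of(ev), outcome))
    return report

def denied_principals(report):
    """Callers with at least one denied secret read, sorted for stable output."""
    return sorted(w for w, rows in report.items() if any(r[3] == "denied" for r in rows))
```
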
