
Alternatives of/Configuring AWS secrets manager

Currently, our Security engineering team does not allow writing to Secrets Manager, but reading is fine.

We have a common lambda role which is being used by other modules as well.

  1. Is there any way to configure writing limited to only particular secrets?
  2. Alternatives to AWS secrets manager.

  1. Is there any way to configure writing limited to only particular secrets?

Yes. This official documentation shows how to grant read access to only specific secrets. You could do the same thing with write access.

  2. Alternatives to AWS secrets manager.

AWS SSM Parameter Store
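
To illustrate the answer to point 1, here is an added example (not part of the original answers or of the AWS documentation): it builds an identity policy for the Lambda role that allows reads broadly but writes only on named secrets, and includes a small review check that flags any statement granting Secrets Manager write actions on a `*` resource pattern. The region, account ID, secret name and function names are constructed placeholders.

```python
import fnmatch
import json

# Constructed placeholders (not from the original post): region, account ID, secret names.
ARN_PREFIX = "arn:aws:secretsmanager:us-east-1:111122223333:secret:"
WRITE_ACTIONS = ["secretsmanager:CreateSecret", "secretsmanager:DeleteSecret",
                 "secretsmanager:PutSecretValue", "secretsmanager:UpdateSecret"]

def scoped_write_policy(secret_names):
    """Identity policy for the Lambda role: read any secret, write only the named ones."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "ReadSecrets", "Effect": "Allow",
             "Action": ["secretsmanager:DescribeSecret", "secretsmanager:GetSecretValue"],
             "Resource": ARN_PREFIX + "*"},
            {"Sid": "WriteNamedSecretsOnly", "Effect": "Allow",
             "Action": ["secretsmanager:PutSecretValue", "secretsmanager:UpdateSecret"],
             # Secrets Manager appends "-" and six random characters to each secret ARN.
             "Resource": [f"{ARN_PREFIX}{name}-??????" for name in secret_names]},
        ],
    }

def as_list(value):
    """IAM allows a single string or a list for Action, Resource and Statement."""
    return value if isinstance(value, list) else [value]

def unscoped_write_statements(policy):
    """Return Sids of Allow statements that grant a write action on a '*' resource pattern."""
    findings = []
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        # IAM action names are case-insensitive and may contain * and ? wildcards.
        grants_write = any(fnmatch.fnmatchcase(w.lower(), a.lower())
                           for a in as_list(stmt.get("Action", []))
                           for w in WRITE_ACTIONS)
        broad = any("*" in r for r in as_list(stmt.get("Resource", [])))
        if grants_write and broad:
            findings.append(stmt.get("Sid", "<no Sid>"))
    return findings

if __name__ == "__main__":
    policy = scoped_write_policy(["orders/db-password"])
    print(json.dumps(policy, indent=2))
    print("unscoped write statements:", unscoped_write_statements(policy))
```

Because the role is shared, every module that runs under it receives the same write access to the named secrets; a dedicated role for the function that writes narrows this further.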

I strongly recommend using Secrets Manager or SSM Parameter Store to store secrets, but there are also other, non-AWS alternatives like HashiCorp's Vault. It can be found on AWS Marketplace ( https://aws.amazon.com/marketplace/pp/prodview-ngzq6n42psnxa ) or downloaded from the vendor website ( https://www.vaultproject.io/ ).

Don't forget to ask for the security team's review and approval before using it in production environments. :-)
