Protecting your Cloud Secrets with AWS Secrets Manager

Показать описание

Securely storing passwords in the cloud is essential for web applications. Secrets Manager is the best way to store and access usernames and passwords in AWS, and in this video I walk through how to create and work with these secrets. Watch this video for more details!

Table of Contents:
0:00 Introduction
1:04 Previous methods of credential storing in AWS
2:43 AWS Secrets Manager
4:22 Database credential rotation
6:57 Creating a secret in the Web Console
11:13 Retrieving a secret in JavaScript
12:16 Retrieving a secret with the AWS CLI
16:26 Final thoughts

#aws #SecretsManager #clouddev

Ryan H. Lewis

Рекомендации по теме

Комментарии

Ok, but here's the question
where do I store the api key/secret that allows me to connect to AWS Secrets Manager?
I mean, I can hide all connection secrets in the cloud, but if a malicious user gains access to (example: .env.production) which has the key to access the secrets storage, how am I more safe?

nabilalhusail

Thanks for the excellent video.
Can you please explain: how to prevent the access from the command line ? since If the server somehow was compromised and an attacker is in the server --> I want to make his life hard as possible and not allow access from the command line. I assume that it is to give the container some permission level that will allow access to the secrets component, is it correct ?
many thanks

blockchainforeveryone

If my python application is running on ec2 instance will be need an iam role with permissions to read secret??

VinaySingh-gwyi

Quality post! If this was a cats video, you would have 1M views already

DKLHensen

Protecting your Cloud Secrets with AWS Secrets Manager

Securely manage your cloud secrets with IBM Cloud Secrets Manager

Manage your Cloud Run secrets securely with Secret Manager

Identify and Protect Sensitive Data in the Cloud: Latest Innovations in Cloud DLP (Cloud Next '...

Protect your Google Cloud environment with Security Foundation

Securing Kubernetes Secrets (Cloud Next '19)

How Google Protects Your Data at Rest and in Transit (Cloud Next '18)

Protecting Identities and Secrets in a Multi-cloud Environment with HashiCorp Vault

AWS re:Inforce 2023 - Centralize and manage secrets with HashiCorp Cloud (PRT206-S)

Securing and Protecting Enterprise Cloud Data MegaCast - Teleport

AWS re:Invent 2018: A Practitioner's Guide to Securing Your Cloud (Like an Expert) (SEC203-R1)

Protect your customers from fraud and abuse with Google Cloud user protection suite

Bring Your Own Key to the Cloud With Vault

How to Protect Your GitHub Environment Using MCAS - Microsoft Cloud App Security Webinar

AWS re:Inforce 2022 - Strategies for securing your cloud & mitigating potential risks (DEM217-S)

💕Superpower Babies Recognize His Mom at First Sight,CEO Daddy Immediately Took Her Home to Love!

Cryptomator: The Most Secure Encryption for Your Cloud Storage! (And Boxcryptor Alternative)

Webinar | 5 steps to secure your cloud operations

Cloud Code and Secret Manager integration

Top 5 Private Cloud Services That Respect YOU!

Secure Your Cloud with Confidence with Microsoft Defender for Cloud

The Key to Strong Cloud Security: Secrets Management

Protect your Oracle Cloud Infrastructure environment with Wiz

Handling secrets in cloud-based applications - Steve Roberts - NDC Sydney 2020

Protect your Cloud Workloads with Microsoft Defender for Cloud