From the course: AWS Essential Training for Developers

Unlock the full course today

Join today to access over 24,500 courses taught by industry experts.

Storing passwords with Secrets Manager

Storing passwords with Secrets Manager

- [Instructor] We followed best practices by creating the IAM role for our EC2 instance to access S3 and removing our secret access key from within our code. However, there are times when you need to pass in credentials to external third party services that aren't AWS services from within your code and you don't want to put those passwords or keys directly within your code either. In these instances, look at AWS Secrets Manager. You can find it by typing Secrets Manager into the search bar. With Secrets Manager, you will store the key or passwords securely into Secrets Manager. In your source code, instead of hard coding this password or key directly into your code you'll just call the AWS API with a small bit of code and retrieve the secret from Secrets Manager. So if your server is compromised or your code is leaked it won't contain your keys and passwords to your external services.

Contents