Cybersecurity, Storing Secrets on Amazon Web Services (AWS)

Security information from Technology Services Privacy and Information Security team. Intended Audience: IT Professionals – Developers, IT Operations, Cloud Engineers

Why use AWS Secrets Manager

Correct use of AWS Secrets Manager helps fulfill an IT professional's responsibility to comply with Illinois Cybersecurity standards.

In particular, use of AWS Secrets Manager can help comply with the IT05 Identity Management Security Standard.

AWS Secrets Manager is recommended for secrets that control programmatic access.

Storing secrets in AWS parameter store is not recommended, because while it is encrypted, it lacks support for automated key rotation.

How to use AWS Secrets Manager

These are links to official Amazon documentation.

Security / Operations Resources

Relevant Campus Example Code



Keywordssecurity, developer, sdlc, cybersecurity, devops, secdevops   Doc ID106612
OwnerSecurity S.GroupUniversity of Illinois Technology Services
Created2020-10-13 10:31:40Updated2023-07-26 16:20:59
SitesUniversity of Illinois Technology Services
CleanURLhttps://answers.uillinois.edu/cybersecurity-storing-secrets-on-aws
Feedback  0   0