Cybersecurity, Storing Secrets on Amazon Web Services (AWS)
Security information from Technology Services Privacy and Information Security team.
Intended Audience: IT Professionals – Developers, IT Operations, Cloud Engineers
Why use AWS Secrets Manager
Correct use of AWS Secrets Manager helps fulfill an IT professional's responsibility to comply with Illinois Cybersecurity standards.
In particular, use of AWS Secrets Manager can help comply with the IT05 Identity Management Security Standard.
AWS Secrets Manager is recommended for secrets that control programmatic access.
Storing secrets in AWS parameter store is not recommended, because while it is encrypted, it lacks support for automated key rotation.
How to use AWS Secrets Manager
These are links to official Amazon documentation.
Security / Operations Resources
Relevant Campus Example Code