1
00:00:00,180 --> 00:00:05,760
So here is another service in which you can helpfully store secrets in AWS and that one is

2
00:00:05,780 --> 00:00:08,950
called obviously AWS secrets manager.

3
00:00:09,030 --> 00:00:12,000
So it's newer service it came after the AWS.

4
00:00:12,060 --> 00:00:17,850
SSM parameter store was out and really the sole purpose of secrets manager is to be storing secrets.

5
00:00:18,360 --> 00:00:24,000
So the difference between secrets manager and the parameter store is that secrets manager is more oriented

6
00:00:24,000 --> 00:00:28,640
towards secrets and it has a capability to force the rotation of your secrets.

7
00:00:28,770 --> 00:00:36,060
Every X number of days there is also the capability to automate the generation of secrets on the rotation

8
00:00:36,090 --> 00:00:38,910
so it uses AWS Lambda for this integration.

9
00:00:38,910 --> 00:00:44,100
On top of it you can integrate secrets manager with RDS to synchronize your secrets between your

10
00:00:44,100 --> 00:00:46,100
databases and secrets manager.

11
00:00:46,110 --> 00:00:49,500
The secrets are obviously encrypted and you can encrypt it using KMS.

12
00:00:49,590 --> 00:00:55,320
And so when you go into the exam anytime you see secret storing rotation of secrets integration with

13
00:00:55,340 --> 00:00:59,330
RDS think secrets manager it's a really simple service.

14
00:00:59,460 --> 00:01:02,410
And in the next lecture we'll go seeing the hands on how it works.