AWS secretManager allows us to retrieve database credentials, API keys and other secrets using Secret Manager API's. Instead of storing the hardcoded secret values, we can directly fecth it from secret manager API. It also provides us the option to rotate the credentials for configurable number of days.
Let us see the example of mongoDB credentials stored in secretManager.
-
Select the AWS secret Manager service from AWS console.
-
Click on Store a new secret button.
-
It provides various options for the secret Type. It supports credentials for RDS, DocumentDB, Redshift clusters and also other types of secret. Here, we select other types of secret.
-
In Plaintext store the mongodb credentials.
mongodb://USERNAME:[email protected]:27017 -
Click on Next and then provide the secret name mongodbURI.
-
Click on Next and you can configure automatic rotation. We will Disable automatic rotation.
-
Click on Next and you will be taken to review the configuration. Click on the *Store button.
-
You can see the secret in the list as shown below.
