From the course: Complete Guide to AWS Security and Compliance Management
Join today to access over 24,900 courses taught by industry experts.
Enabling autorotation with Secrets Manager - Amazon Web Services (AWS) Tutorial
From the course: Complete Guide to AWS Security and Compliance Management
Enabling autorotation with Secrets Manager
- [Presenter] Secrets Manager allows you to auto-rotate secrets for AWS Native services. Let's explore some considerations and implications before enabling auto-rotation. Consider the following scenario. The original password for an RDS database has been stored as a Secrets Manager Secret. There is an EC2 instance running in that region, which needs access to that database, to facilitate the use of Secrets Manager, an IAM role has been assigned to this server. In this case, the role contains an IAM policy with permissions to get the secret value for the dev-postgres access secret. This allows the EC2 instance to open a database connection and interact with the Postgres database. In order to improve the operational security posture. A decision has been made to auto-rotate the password for this database every 30 days. When enabling auto-rotation, it's possible to immediately rotate the secret or rotate it at a future point in time. When the password does rotate, the original password is…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
-
Understanding Amazon Macie3m 11s
-
Configuring a Macie job9m 25s
-
(Locked)
Exploring Macie results2m 53s
-
(Locked)
Understanding Key Management Service3m 41s
-
(Locked)
Creating a KMS key5m 8s
-
(Locked)
Creating a multi-region KMS key4m 14s
-
(Locked)
Using a KMS in S35m 43s
-
(Locked)
Using KMS and an IAM role7m 31s
-
(Locked)
Automating KMS key rotation4m 21s
-
(Locked)
Deleting a KMS key6m 10s
-
(Locked)
Enabling EBS default encryption8m 11s
-
(Locked)
Understanding Secrets Manager2m 14s
-
(Locked)
Using Secrets Manager5m 18s
-
(Locked)
Enabling autorotation with Secrets Manager7m 58s
-
(Locked)
Creating a multi-region secret4m 10s
-
(Locked)
Deleting a Secrets Manager secret5m 59s
-
(Locked)
Understanding AWS CloudHSM2m 38s
-
(Locked)
Understanding Systems Manager3m 44s
-
(Locked)
Implementing Systems Manager3m 52s
-
(Locked)
Resolving compliance with Systems Manager5m 16s
-
(Locked)
Creating Resource Groups3m 9s
-
(Locked)
Patching with Systems Manager3m 46s
-
(Locked)
Understanding Incident Manager2m 38s
-
(Locked)
Using Parameter Store4m 2s
-
(Locked)
Understand Certificate Manager4m
-
(Locked)
Creating a private certificate authority4m 52s
-
(Locked)
Creating a private certificate2m 40s
-
(Locked)
Using a private certificate6m 43s
-
(Locked)
Understanding Payment Cryptography4m 51s
-
(Locked)
Challenge: KMS1m 28s
-
(Locked)
Solution: KMS5m 34s
-
-
-
-