How To Create, Store and Retrieve a Secret Via Console:


Hello folks, I hope you are all doing fine. In this blog we will learn how to create, store and retrieve a secret in AWS Secrets Manager via the console. So stay tuned.

First, let's understand what AWS Secrets Manager is.

AWS Secrets Manager :

  • It is a service provided by AWS to store secrets i.e. passwords, credentials, third party keys or any such confidential information.
  • Secrets Manager allows you to store and manage access to these “secrets”.
  • Leverage secrets manager to store your credentials instead of hard coding them in your code or config files.
  • It also allows you to change or rotate your credentials easily, thereby avoiding any code or config changes.
  • Secrets Manager enables you to replace hardcoded credentials in your code with an API call to Secrets Manager to retrieve the secrets programmatically.
  • Secrets Manager encrypts the protected text of a secret by using AWS Key Management Service (AWS KMS).

Let’s take one scenario to leverage AWS Secrets Manager :

This is one of the common scenarios in which AWS Secrets Manager is frequently used, specifically to store credentials.

In this scenario there is a database administrator, who first provisions a database. It can be a personal database or a database for any project.

After the database is provisioned, the administrator goes to AWS Secrets Manager and creates the secret.

When a secret is created in Secrets Manager, it is shared with the custom application or the application team. The team and the app use that particular secret's name: the app makes an API call to AWS Secrets Manager to fetch the secret information.

After AWS Secrets Manager receives the API call, it sends the secret string back to the application. The application then uses the required credentials, for example the password, to connect to the database. You can store any kind of credentials.

Now we will see the demo part :

DEMO :

  1. We will create and store a secret named “MyFirstSecret” using AWS console.

This is Secrets Manager.

If you open Secrets Manager, you have the option "Store a new secret" available :

In the snapshot below, I give the secret type and the key/value pairs; after filling in all the values, press NEXT :

After that I give the name of my secret, i.e. “MyFirstSecret”, then click on the Next button, and the output is :

After that just click on the STORE button and you can see your secret is created. If you click on your secret name, it gives you all the information, ARN etc.

Now we retrieve the secret using the CLI :

First I am going to check the version of my AWS CLI.

So here my version is OK. It should be above 1.15.8.

Now, to view the secret details, use the command :

aws secretsmanager describe-secret --secret-id MyFirstSecret

Now, to view the secret string, add the --version-stage parameter and use the command :

aws secretsmanager get-secret-value --secret-id MyFirstSecret --version-stage AWSCURRENT
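
The scenario above has the application fetch the secret through an API call rather than the CLI. The following is an added example, not code from the original post: it makes the same get-secret-value request through a boto3-style client and validates the key/value pairs it gets back. The key names `username` and `password`, the `StubClient` class and its response are assumptions constructed so the example runs offline.

```python
import json


class SecretFormatError(ValueError):
    """The secret does not hold the key/value pairs the application expects."""


def load_db_credentials(client, secret_id, required=("username", "password")):
    """Return the key/value pairs stored in the AWSCURRENT version of a secret.

    `client` is a boto3 Secrets Manager client, or any object exposing the
    same get_secret_value call (the offline stub below does).
    """
    resp = client.get_secret_value(SecretId=secret_id, VersionStage="AWSCURRENT")
    # Key/value secrets come back as a JSON document inside SecretString;
    # binary secrets are returned in SecretBinary instead.
    if "SecretString" not in resp:
        raise SecretFormatError(f"{secret_id}: response has no SecretString")
    try:
        pairs = json.loads(resp["SecretString"])
    except json.JSONDecodeError:
        # Do not echo the raw string: it may be a plaintext secret.
        raise SecretFormatError(f"{secret_id}: SecretString is not JSON") from None
    if not isinstance(pairs, dict):
        raise SecretFormatError(f"{secret_id}: SecretString is not a JSON object")
    missing = [key for key in required if key not in pairs]
    if missing:
        # Report key names only, never the stored values.
        raise SecretFormatError(f"{secret_id}: missing keys {missing}")
    return pairs


class StubClient:
    """Offline stand-in that returns a constructed get_secret_value response."""

    def __init__(self, secret_string):
        self._secret_string = secret_string

    def get_secret_value(self, SecretId, VersionStage):
        return {"Name": SecretId, "VersionStages": [VersionStage],
                "SecretString": self._secret_string}


if __name__ == "__main__":
    # Against AWS (assumes boto3 is installed and credentials are configured):
    #   import boto3; client = boto3.client("secretsmanager")
    client = StubClient('{"username": "appuser", "password": "constructed-value"}')
    creds = load_db_credentials(client, "MyFirstSecret")
    print("loaded keys:", sorted(creds))  # key names only, never the values
```
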

After you have performed this, please delete your stored secret because it is costly. So this is all about how to create, store and retrieve a secret via the console.

Conclusion :

So in this blog we learnt how to create, store and retrieve a secret via the console. I hope this will help you out.

Happy Learning..!!!


Written by 

Mayuri Dhote is a Software Consultant at Knoldus Software. She has completed her MCA from VIT University. She is very dedicated towards her work. She is always ready to learn new things. Her practice area is DevOps. When not working, you will find her writing poems and poetry.
