Hello readers! In this blog we will see how to store an SSH key in Secrets Manager. Secrets Manager is a service that makes it easy for customers to manage the life cycle of all of their secrets. It allows customers to easily rotate secrets without impacting applications or employees. It enables customers to tightly control who can do what with their secrets. The service ensures that all secrets are secured and can be easily audited and monitored. It offers a pay-as-you-go model.
Features of Secrets Manager:
- Secrets Manager offers the ability to rotate secrets seamlessly without impacting the applications.
- This service offers built-in integrations for secrets for databases that are hosted on RDS.
- It ensures that your application won’t break during rotation by providing the concept of versioning.
Steps to store an SSH key in Secrets Manager:
1. Go to the AWS Management Console. In the search bar, type “Secrets Manager”; this brings you to the Secrets Manager console.
2. Click on “Store a new secret”. This redirects to a window that asks you to select the type of secret.
As we are storing an SSH key, select the “Other type of secret” option.
3. Next we have to provide the actual key value.
4. Next we have to choose the encryption setting. We continue with the default encryption setting and then click on next.
5. Now we have to give the secret a name and a description and then click on next.
6. Now this is the review screen. It shows us the information that we have added.
It also shows how we can retrieve the secret. For example, if we have a Python application, we can copy the sample code snippet shown there and paste it into the application. This code snippet allows the application to retrieve this SSH key as and when the application needs it.
7. Next we click on store. The secret is now securely stored in Secrets Manager.
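The retrieval mentioned in step 6, as an added example (not code from the original post and not the snippet the console generates): it reads the secret with boto3's `get_secret_value`, normalises the key text, and writes it to a file that only the owner can read. The region default, the `private_key` JSON field name, and the sample response are assumptions constructed for illustration.

```python
import json
import os

# Constructed sample of a GetSecretValue response (not a real key). It has
# CRLF line endings and no final newline, as a pasted console value can.
SAMPLE_RESPONSE = {
    "SecretString": "-----BEGIN OPENSSH PRIVATE KEY-----\r\n"
                    "Q09OU1RSVUNURUQ=\r\n"
                    "-----END OPENSSH PRIVATE KEY-----"
}


def extract_key(resp, json_field="private_key"):
    """Return the PEM text held in a GetSecretValue response.

    json_field is a hypothetical field name, used only when the secret was
    saved as key/value pairs (Secrets Manager stores those as a JSON object).
    """
    raw = resp.get("SecretString")
    if raw is None:
        raw = resp["SecretBinary"].decode("ascii")  # boto3 returns raw bytes
    if raw.lstrip().startswith("{"):
        raw = json.loads(raw)[json_field]
    # OpenSSH can reject key files with CRLF endings or no trailing newline.
    pem = raw.replace("\r\n", "\n").strip() + "\n"
    if not (pem.startswith("-----BEGIN ") and "PRIVATE KEY-----" in pem):
        raise ValueError("secret does not look like a PEM private key")
    return pem


def write_key(pem, path):
    """Create the key file owner-only (0600) at creation; refuse to overwrite."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(pem)
    return path


def fetch_ssh_key(secret_id, path, client=None, region="us-east-1"):
    """Fetch the secret and write it to path; region is an assumed default."""
    if client is None:
        import boto3  # lazy import so the helpers above run without AWS access
        client = boto3.client("secretsmanager", region_name=region)
    resp = client.get_secret_value(SecretId=secret_id)
    return write_key(extract_key(resp), path)


if __name__ == "__main__":
    # Offline demo on the constructed sample; prints only the header line.
    print(extract_key(SAMPLE_RESPONSE).splitlines()[0])
```

The calling identity needs the `secretsmanager:GetSecretValue` permission on the secret; with credentials configured, `fetch_ssh_key` is called with the name chosen in step 5 and a destination path.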
Secrets Manager encrypts all secrets by default. These secrets are encrypted using encryption keys that live in your account and are under your control. It also integrates with AWS auditing and monitoring services such as CloudTrail and CloudWatch, so you can easily understand who is doing what with your secrets.