Securing .NET App Secrets with AWS Secrets Manager
Like AWS Systems Manager Parameter Store, AWS Secrets Manager lets you store, manage, and retrieve OAuth tokens, database credentials, API keys, and other secrets. However, there are significant differences between the two AWS services.
AWS Secrets Manager was created for storing confidential data such as passwords and other secrets, so encryption of the stored data is enabled by default. Parameter Store, by contrast, was created to store confidential data as well as general configuration data such as URIs and UNC network paths, so encryption is optional with AWS Systems Manager Parameter Store. Additionally, AWS Secrets Manager features automated key rotation and direct integration with services like RDS, Redshift, and DocumentDB.
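Because encryption is optional in Parameter Store, a secret can end up stored there as a plain `String`. The following check is an added example, not code from the original article: it scans output in the shape of `aws ssm describe-parameters` for secret-looking names that are not `SecureString`. The parameter names, the sample JSON, and the list of name hints are constructed assumptions, and the raw string literal requires C# 11 or later.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;

// Constructed sample in the shape returned by `aws ssm describe-parameters`.
const string sampleJson = """
{
  "Parameters": [
    { "Name": "/demo/app/base-uri",    "Type": "String" },
    { "Name": "/demo/app/db-password", "Type": "String" },
    { "Name": "/demo/app/api-key",     "Type": "SecureString", "KeyId": "alias/aws/ssm" },
    { "Name": "/demo/app/hosts",       "Type": "StringList" }
  ]
}
""";

// Assumed name fragments that suggest a secret; adjust to your own naming scheme.
string[] secretHints = { "password", "passwd", "secret", "token", "api-key", "apikey" };

// Returns every parameter whose name looks like a secret but whose type is not
// SecureString, meaning Parameter Store holds its value unencrypted.
static List<string> FindUnencryptedSecrets(string json, string[] hints)
{
    var results = new List<string>();
    using var doc = JsonDocument.Parse(json);
    foreach (var p in doc.RootElement.GetProperty("Parameters").EnumerateArray())
    {
        string name = p.GetProperty("Name").GetString() ?? "";
        string type = p.GetProperty("Type").GetString() ?? "";
        bool looksSecret = hints.Any(h => name.Contains(h, StringComparison.OrdinalIgnoreCase));
        if (looksSecret && type != "SecureString")
            results.Add($"{name} (Type={type})");
    }
    return results;
}

var findings = FindUnencryptedSecrets(sampleJson, secretHints);
foreach (var f in findings)
    Console.WriteLine($"Stored without encryption: {f}");

// A non-zero exit code lets a CI job fail when a finding exists.
Environment.ExitCode = findings.Count == 0 ? 0 : 1;
```

Parameters flagged this way are candidates for conversion to `SecureString` or for moving into AWS Secrets Manager, where encryption is on by default.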