Amazon Launches Secrets Manager For Passwords

Amazon Web Services (AWS) has announced the launch of Secrets Manager, which will be used to safely store important company information, including passwords.

“Today we’re launching AWS Secrets Manager, which makes it easy to store and retrieve your secrets via API or the AWS Command Line Interface (CLI) and rotate your credentials with built-in or custom AWS Lambda functions,” the company wrote in a blog post. “Managing application secrets like database credentials, passwords or API keys is easy when you’re working locally with one machine and one application. As you grow and scale to many distributed microservices, it becomes a daunting task to securely store, distribute, rotate and consume secrets. Previously, customers needed to provision and maintain additional infrastructure solely for secrets management, which could incur costs and introduce unneeded complexity into systems.”

With Secrets Manager, “you never, ever put a secret again in your code,” Amazon’s chief technology officer, Werner Vogels, said during a presentation at the AWS San Francisco Summit, according to CNBC.

The new service can be used to store passwords, database login information and keys to application programming interfaces (APIs) for other services.

AWS offers more than 125 services to its customers, and in the fourth quarter it held 34 percent of the market for cloud infrastructure services, according to Synergy Research Group.

But it’s also been hit with its own cybersecurity issues. In October, UpGuard revealed that Accenture had a breach of data stored in AWS that contained 40,000 passwords. In addition, the Australian Broadcasting Corporation had its own data breach that involved login information.

With that in mind, AWS has worked to boost its security with the acquisition of Sqrrl and the introduction of the Macie data security service. And last year, AWS reportedly acquired, a cybersecurity startup based in San Diego.

The new AWS Secrets Manager service is now available. It costs 40 cents per “secret” per month, and five cents for every batch of 10,000 programmatic requests.



Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.