Amazon Launches Secrets Manager For Passwords

Amazon Web Services (AWS) has announced the launch of Secrets Manager, which will be used to safely store important company information, including passwords.

“Today we’re launching AWS Secrets Manager, which makes it easy to store and retrieve your secrets via API or the AWS Command Line Interface (CLI) and rotate your credentials with built-in or custom AWS Lambda functions,” the company wrote in a blog post. “Managing application secrets like database credentials, passwords or API keys is easy when you’re working locally with one machine and one application. As you grow and scale to many distributed microservices, it becomes a daunting task to securely store, distribute, rotate and consume secrets. Previously, customers needed to provision and maintain additional infrastructure solely for secrets management, which could incur costs and introduce unneeded complexity into systems.”

With Secrets Manager, “you never, ever put a secret again in your code,” Amazon’s chief technology officer, Werner Vogels, said during a presentation at the AWS San Francisco Summit, according to CNBC.

The new service can be used to store passwords, database login information and keys to application programming interfaces (APIs) for other services.

AWS offers more than 125 services to its customers, and in the fourth quarter it held 34 percent of the market for cloud infrastructure services, according to Synergy Research Group.

But it’s also been hit with its own cybersecurity issues. In October, UpGuard revealed that Accenture had a breach of data stored in AWS that contained 40,000 passwords. In addition, the Australian Broadcasting Corporation had its own data breach that involved login information.

With that in mind, AWS has worked to boost its security with the acquisition of Sqrrl and the introduction of the Macie data security service. And last year, AWS reportedly acquired, a cybersecurity startup based in San Diego.

The new AWS Secrets Manager service is now available. It costs 40 cents per “secret” per month, and five cents for every batch of 10,000 programmatic requests.



B2B APIs aren’t just for large enterprises anymore — middle-market firms and SMBs now realize their potential for enabling low-cost access to real-time payments and account data. But those capabilities are only the tip of the API iceberg, says HSBC global head of liquidity and cash management Diane Reyes. In this month’s B2B API Tracker, Reyes explains how the next wave of banking APIs could fight payments fraud and proactively alert middle-market treasurers to investment opportunities.