
AWS SecretsManager Best Practices



Cloud Conformity checks the AWS Secrets Manager service against the following rules:

AWS Secrets Manager in Use
Ensure that AWS Secrets Manager is in use for secure and efficient credentials management.

AWS Secrets Manager in Use for DocumentDB Databases
Ensure that the Secrets Manager service is used to manage DocumentDB database credentials.

AWS Secrets Manager in Use for RDS Instances
Ensure that the AWS Secrets Manager service is used to manage RDS database credentials.

AWS Secrets Manager in Use for Redshift Clusters
Ensure that the Secrets Manager service is used to manage Redshift database credentials.

Enable AWS Secrets Manager Secrets Rotation
Ensure that automatic rotation is enabled for your AWS Secrets Manager secrets.

AWS Secrets Manager Rotation Interval
Ensure that the AWS Secrets Manager automatic rotation interval is properly configured.

AWS Secrets Manager Data Encrypted with KMS CMKs
Ensure that the AWS Secrets Manager service enforces data-at-rest encryption using KMS CMKs.