Ensure that your Amazon DocumentDB clusters are using AWS Secrets Manager service to manage database access credentials in order to meet security and compliance requirements. Secrets Manager provides built-in integration for Amazon DocumentDB (with MongoDB compatibility) and can rotate, manage and retrieve credentials for this type of database natively.
With Amazon Secrets Manager you can secure and manage database credentials used to access DocumentDB database clusters provisioned in your AWS account. Secrets Manager service will store MongoDB-compatible database credentials as part of the encrypted secret value (within the "SecretString" field).
To determine if Secrets Manager service is used to manage DocumentDB database credentials in your AWS account, perform the following actions:
Remediation / Resolution
To use Amazon Secrets Manager service to store and manage AWS DocumentDB database access credentials, perform the following actions:
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
Get started for FREE
You are auditing:
AWS Secrets Manager in Use for DocumentDB Databases
Risk level: Medium