Overview
Secrets management services (e.g., AWS Secrets Manager, Google Cloud Secret Manager, HashiCorp Vault) provide a centralized and secure way to handle sensitive data. They prevent secrets from being hardcoded in source code or stored in insecure configuration files.
Key Features
- Encryption: Secrets are encrypted at rest and in transit.
- Access Control: Strict IAM policies control who can access or modify secrets.
- Automatic Rotation: Passwords or API keys can be changed automatically on a schedule to reduce the risk of compromise.
- Auditing: Every access to or change of a secret is recorded.
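Automatic rotation only helps if the application fetches the secret at runtime and re-fetches it after it changes. The following is an added example, not code from any of the services named above: `RotationAwareSecret`, `FakeSecretsClient` and the secret name `example/db-credentials` are hypothetical, and the fake client stands in for an object exposing the boto3 Secrets Manager call `get_secret_value(SecretId=...)`.

```python
import json
import time

class RotationAwareSecret:
    """Fetch a secret at runtime, cache it briefly, re-fetch after rotation."""
    def __init__(self, client, secret_id, ttl_seconds=300, clock=time.monotonic):
        self._client = client  # needs boto3-style get_secret_value(SecretId=...)
        self._secret_id, self._ttl, self._clock = secret_id, ttl_seconds, clock
        self._value, self._expires_at = None, 0.0

    def get(self, force_refresh=False):
        if force_refresh or self._value is None or self._clock() >= self._expires_at:
            resp = self._client.get_secret_value(SecretId=self._secret_id)
            self._value = json.loads(resp["SecretString"])
            self._expires_at = self._clock() + self._ttl
        return self._value

    def call_with_secret(self, operation, auth_error):
        """Run operation(secret); on auth failure assume rotation, retry once."""
        try:
            return operation(self.get())
        except auth_error:
            return operation(self.get(force_refresh=True))

class FakeSecretsClient:
    """Constructed stand-in for boto3.client("secretsmanager"); values made up."""
    def __init__(self):
        self.current = {"username": "app", "password": "constructed-v1"}
        self.calls = 0  # counts fetches; a real service would audit each one

    def get_secret_value(self, SecretId):
        self.calls += 1
        return {"Name": SecretId, "SecretString": json.dumps(self.current)}

def demo():
    client = FakeSecretsClient()
    secret = RotationAwareSecret(client, "example/db-credentials")

    def connect(creds):  # constructed service: accepts only the current password
        if creds["password"] != client.current["password"]:
            raise PermissionError("authentication failed")
        return "connected as " + creds["username"]

    first = secret.call_with_secret(connect, PermissionError)
    client.current = {"username": "app", "password": "constructed-v2"}  # rotation
    second = secret.call_with_secret(connect, PermissionError)
    return first, second, client.calls  # ("connected as app", "connected as app", 2)
```

The short TTL bounds how long a rotated-out credential stays in memory, and the single retry covers a rotation that happens inside that window.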
Importance
Secrets management is critical for protecting against data breaches and for ensuring that sensitive credentials are not exposed in version control systems.