Free Assessment

AWS_Secrets-Manager_1

Ensure Secret Encrypted With KMS Customer Master Keys

Description

AWS Secrets Manager is an AWS service that makes it easier for you to manage secrets like database credentials, passwords, third-party API keys, and even arbitrary text. By default, AWS Secrets Manager has a default encryption key that Secrets Manager creates on your behalf. But when you use your own Amazon KMS Customer Master Key (CMK) to protect the secret data managed by AWS Secrets Manager service, you get full control over who can use the encryption key to access your secrets. Amazon Key Management Service (KMS) allows you to easily create, rotate, disable and audit Customer Master Keys created for your Secrets Manager secrets.

Remediation

  1. Sign in to AWS Management Console.
  2. Navigate to KMS dashboard at https://console.aws.amazon.com/kms/.
  3. In the left navigation panel click&nbsp

Service

Secrets Manager

Severity

High

Compliance

Mapping

Want to Know More?

Learn how our partners are managing their cloud security and compliance with Cloudlytics.

I hereby accept the GDPR and Privacy Policy, by subscribing to the newsletters.

Cloudlytics

Solutions

Resources

Company

Legal

Facebook Twitter Linkedin Youtube
Start Free Trial
Login

CLOSE

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!

Learn More