I love working with the command line. Seriously, I think there’s hardly any more productive and more versatile tool for a software developer than the terminal. Maybe it’s the hacker/wizard/neckbeard kind of feeling I get when using a terminal, I don’t know.
No matter how much time and effort we spend on application security, it is always less. But simple workflows for things like secret management, key rotation and password expiration go a long way in making our applications and infrastructure resilient against the obvious attack vectors.
This post is contributed by Massimo Re Ferre – Principal Developer Advocate, AWS Container Services. Cloud security at AWS is the highest priority and the work that the Containers team is doing is a testament to that.
We’re going to take a quick look at storing secrets accessed by our serverless Lambda functions in AWS using the recently (April ’18) announced AWS Secrets Manager. The Secrets Manager main aim is to help you store, distribute and rotate credentials securely. Secrets come at $0.