Using Secrets Manager as a Password Vault

0

Our Unix/Linux team uses an Open Source password vault to manage our root and other critical passwords. We're interested in an AWS-based solution. Requirements in no particular order:

  • Accessible by our team only -- another team has the same general CommonSysAdmin role we do, but we don't want to expose our root password to them.
  • Quickly available from the web given proper credentials and coming from a company laptop.
  • No need for a password to get the password. Assume we are already fully authenticated opening the Secrets Manager.
  • Transparently encrypt the password using a private key already on the company laptop.

Suggestions for additional requirements welcome!

  • Additional thoughts. The Secrets Manager generally assumes programmatic interfaces. Our use case is more interactive -- or perhaps using an application or script to retrieve the password.

2 Answers
0

You may want to look at Amazon Cognito - https://aws.amazon.com/cognito/

Amazon Cognito User Pools is a feature that may meet your requirements - https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html

AWS
EXPERT
answered 2 years ago
0

You can definitely build something that meets your requirements using Secrets Manager as a back-end. Command-line and web interfaces are definitely possible. But there's no native complete service that AWS offers that will cover your needs all-in-one.

If you don't have the appetite, skills or time to build a solution, I'd suggest looking in the AWS Marketplace for solutions or looking at other hosted third-party offerings.

AWS
EXPERT
answered 2 years ago
