Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

AWS Secrets Manager

0

Is it possible to disable the 'show password' checkbox in AWS Secrets Manager so that secret passwords can't be inadvertently unmasked while they're being created?

Can the same thing be done for retrieve secret value in the management console? In my opinion being able to see the secret in plain text on-screen by default poses a risk when online. If making the actual values visible where only possible through a verification process, that would be ideal. Maybe this can be done with a security key or two-factor authentication passcode to confirm that secrets should be visible in those ways, otherwise I'd like them to be masked always?

I was thinking of these points because of hackers and trojans.

Argomenti
Sicurezza, identità e conformitàAWS Well-Architected Framework
Tag
Gestore AWS SecretsSicurezza
Lingua
English
eflintdev
posta 2 mesi fa190 visualizzazioni
1 Risposta
0

Hello.

I also tried checking from the management console, but it didn't seem possible at the moment.
Therefore, it may be a good idea to send feedback on the UI from "Feedback" at the bottom left of the management console screen.
a
b

CloudFormation has a parameter called "NoEcho", so it may be a good idea to use this to create a Secrets Manager.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html

Parameters:
  MyPassword:
    Type: String
    NoEcho: true
profile picture
ESPERTO
Riku_Kobayashi
con risposta 2 mesi fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente