By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS Secrets Manager

0

Is it possible to disable the 'show password' checkbox in AWS Secrets Manager so that secret passwords can't be inadvertently unmasked while they're being created?

Can the same thing be done for retrieve secret value in the management console? In my opinion being able to see the secret in plain text on-screen by default poses a risk when online. If making the actual values visible where only possible through a verification process, that would be ideal. Maybe this can be done with a security key or two-factor authentication passcode to confirm that secrets should be visible in those ways, otherwise I'd like them to be masked always?

I was thinking of these points because of hackers and trojans.

Topics
Security, Identity, & ComplianceAWS Well-Architected Framework
Tags
AWS Secrets ManagerSecurity
Language
English
eflintdev
asked 2 months ago180 views
1 Answer
0

Hello.

I also tried checking from the management console, but it didn't seem possible at the moment.
Therefore, it may be a good idea to send feedback on the UI from "Feedback" at the bottom left of the management console screen.
a
b

CloudFormation has a parameter called "NoEcho", so it may be a good idea to use this to create a Secrets Manager.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html

Parameters:
  MyPassword:
    Type: String
    NoEcho: true
profile picture
EXPERT
Riku_Kobayashi
answered 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content