Certified Security - Specialty

Sign Up Free or Log In to participate!

AWS Systems Parameter store vs AWS Secrets Manager

from docs,

"Secrets Manager enables you to replace hardcoded credentials in your code, including passwords, with an API call to Secrets Manager to retrieve the secret programmatically."


"AWS Systems Manager Parameter Store provides secure, hierarchical storage for configuration data management and secrets management. You can store data such as passwords, database strings, Amazon Machine Image (AMI) IDs, and license codes as parameter values. You can store values as plain text or encrypted data."

Which one should you use for the storing app credentials? Both looks same to me.

2 Answers

Yes, you can use either. Secrets Manager is newer, it comes with features such as automatic key rotation, random secrets, etc. 


A couple of other differences. Parameter Store incurs no cost up to 10k parameters where Secrets Manager costs $0.40 per secret.  An advantage of Secrets Manager is that you can allow cross account access to secrets.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?