I do not understand ‘What’ is being rotated in secrets manger auto rotation.
I have a password and a user name
it cannot change them – so its just the encryption key?
What if I am generating my own material – how could that work?
1 Answers
Secrets Manager will actually change the username/password. So the only way to connect would be to read the values from Secrets Manager. This rotation functionality is implemented as a Lambda function within your account using templates (if using AWS DBs like RDS, Redshift, or DocumentDB). You can customize the Lambda function to suit your needs, although if it’s not updating the username/password then I don’t think it’s providing the same value.
https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html
thanks