Using Secrets Manager to authenticate with an RDS database using Lambda

1 hour
  • 5 Learning Objectives

About this Hands-on Lab

AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. In this lab, we connect to a MySQL RDS database from an AWS Lambda function using a username and password, and then we hand over credential management to the AWS Secrets Manager service. We then use the Secrets Manager API to connect to the database instead of hard-coding credentials in our Lambda function. By the end of this lab, you will understand how to store a secret in AWS Secrets Manager and access it from a Lambda function.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create Lambda Function

Create a Lambda function and join it to the provided VPC.

Create the MySQL layer and copy your code to the Lambda function.

Create the MySQL layer and attach it to the function. Then copy your code into the function.

Create a Secret in Secrets Manager

Use the Secrets Manager console to create a secret and enable automatic credential rotation.

Modify Permissions

Enable the Secrets Manager VPC endpoint, modify the security group, and add a policy to the IAM role to allow it to connect to Secrets Manager.

Test New Code

Using the code provided, test the connection to the RDS database from Lambda using the Secrets Manager API to obtain the authentication credentials.
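The pattern these objectives build toward is sketched below. This is an added example, not the lab's provided code. It assumes a Python runtime, `pymysql` as the driver in the MySQL layer, a hypothetical `DB_SECRET_ID` environment variable, and a secret stored in the JSON layout Secrets Manager uses for RDS credentials (`username`, `password`, `host`, `port`, `dbname`).

```python
import json
import os

REQUIRED = ("username", "password", "host")
_cache = {}  # survives between invocations while the Lambda container stays warm


def load_db_credentials(client, secret_id, refresh=False):
    """Fetch an RDS-style secret and map it to MySQL driver keyword arguments."""
    if refresh or secret_id not in _cache:
        resp = client.get_secret_value(SecretId=secret_id)
        secret = json.loads(resp["SecretString"])
        missing = [k for k in REQUIRED if k not in secret]
        if missing:
            raise KeyError(f"secret {secret_id!r} lacks fields: {missing}")
        _cache[secret_id] = {
            "host": secret["host"],
            "port": int(secret.get("port", 3306)),
            "user": secret["username"],
            "password": secret["password"],
            "database": secret.get("dbname"),
        }
    return _cache[secret_id]


def connect_with_rotation_retry(client, secret_id, connect):
    """Connect with cached credentials; refetch once if they are rejected."""
    try:
        return connect(**load_db_credentials(client, secret_id))
    except Exception:
        # The cached password may predate a rotation: fetch the current version.
        return connect(**load_db_credentials(client, secret_id, refresh=True))


def lambda_handler(event, context):
    import boto3    # provided by the Lambda Python runtime
    import pymysql  # assumption: the driver packaged in the MySQL layer

    client = boto3.client("secretsmanager")
    # DB_SECRET_ID is a hypothetical environment variable naming the secret.
    conn = connect_with_rotation_retry(client, os.environ["DB_SECRET_ID"], pymysql.connect)
    try:
        with conn.cursor() as cur:
            cur.execute("SELECT CURRENT_USER()")
            return {"connected_as": cur.fetchone()[0]}
    finally:
        conn.close()
```

Because the credentials are cached per container, the single retry is what keeps a warm function working after automatic rotation changes the password.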

Additional Resources

Log in to the live AWS environment using the credentials provided. Use an incognito or private browser window to ensure you're using the lab account rather than your own.

Make sure you're in the N. Virginia (us-east-1) region throughout the lab.

MySQL Library Zip file

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.
