Sharing Secrets Between Multiple Accounts Using AWS Secrets Manager
This lesson covers how you can share secrets, such as database API keys and database credentials, between different AWS accounts through the use of resource-based policies and AWS Secrets Manager. It explains the key aspects of the service before moving on to a real-world demonstration on the AWS platform to show you how it all works.
If you have any feedback, queries, or questions related to this lesson, please contact us at support@cloudacademy.com.
Intended Audience
This lesson has been created for those who are responsible for managing security and credentials within AWS, and for those wanting to architect the removal of hardcoded passwords and keys from applications and services.
Learning Objectives
By the end of this lesson, you will understand how to securely allow multiple identities in multiple AWS accounts to access secrets from within another AWS account using AWS Secrets Manager and resource-based policies.
Prerequisites
To get the most from this lesson, you should be familiar with JSON policies and their syntax, and the basic concepts of the Key Management Service, IAM, and the AWS CLI.