Handling Secrets in Cloud-Based Applications

Learn how to securely handle secrets in cloud-based applications deployed to AWS in this NDC Sydney 2020 conference talk. Explore alternatives to storing sensitive data like certificates, API keys, and database passwords in application code. Discover options for storing, deploying, and retrieving secrets at runtime, including AWS Identity and Access Management, IAM Roles, AWS Systems Manager Parameter Store, and AWS Secrets Manager. Compare these solutions and understand their integration. Gain insights into managing build-time and runtime secrets, and learn about NuGet packages for Parameter Store and Secrets Manager.

Intro
This session
Some existing solutions (and solutions ) • Hard-coding in the app code or configuration files
Defining "application credentials"
Handling credentials in deployed applications
AWS Identity and Access Management
IAM Roles
Permissions and Policies
Putting it together Local env
AWS Systems Manager Parameter Store
@AWS Secrets Manager
Comparing Parameter Store and Secrets Manager
But...they're also integrated
Build-time secrets
Runtime secrets
NuGet packages for Parameter Store & Secrets Mar
Session recap