thomasabishop/eolas
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

aws: secrets vs env vars

Browse source
This commit is contained in:
thomasabishop 2023-08-31 16:48:12 +01:00
parent 1c3f516668
commit 638a0dab57
1 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
DevOps/AWS/AWS_Lambda/Secrets_or_env_vars.md Normal file
View file

@ -0,0 +1,12 @@
---
categories:
- DevOps
- Backend
tags: [AWS, aws-lambda]
---
# Secrets or environment variables?
Choosing between environment variables and AWS Secrets Manager hinges on factors such as use case, security needs, and the data type. Environment variables are easier to use, free, and offer fast access but are less secure and lack features like versioning. On the other hand, AWS Secrets Manager provides robust security through encryption, access control, audit trails, and supports secret versioning and rotation. However, it comes with additional costs and can introduce latency and rate limits.
General recommendations suggest using AWS Secrets Manager for storing sensitive data like API keys and passwords, due to its enhanced security features. For less sensitive, non-critical data such as feature flags or environment-specific URLs, environment variables are often adequate. Cost-conscious users who don't need advanced features may find environment variables more economical. Ultimately, the best choice depends on your specific requirements and limitations.