In episode #93 of Mobycast, we discussed secrets management for our cloud-native applications. We learned why we need secrets management and some of the possible solutions available to us.
Now that we know the "theory", it's time to put that knowledge into practice.
In this episode of Mobycast, Jon and Chris finish their two-part series on handling secrets with cloud-native apps. We show you how to easily implement secrets management for a containerized application running on Amazon Elastic Container Service (or ECS). After this episode, you'll be a pro at keeping a secret!
- AWS offers not one, but two, managed services for secrets management. Systems Manager Parameter Store and AWS Secrets Manager have similar functionality, making it sometimes confusing to know which to use. We compare and contrast the two services to help guide your choice.
- The three types of sensitive data injection supported by Elastic Container Service (ECS).
- Understanding when sensitive data is injected into the container and how to handle updates to secrets (such as credential rotation).
- The required configuration changes and IAM permissions you need to enable ECS integration with Parameter Store and Secrets Manager.
- A walkthrough of the specific steps you need to take to update your ECS application to support secrets integration.
Detailed Show Notes
Want the complete episode outline with detailed notes? Sign up here: https://mobycast.fm/show-notes/
Straddling by Derek Russo
For a full transcription of this episode, please visit the episode webpage.
What is Mobycast?
A Podcast About Cloud Native Software Development, AWS, and Distributed Systems