Posted On: Apr 20, 2023
Amazon Relational Database Service (Amazon RDS) now supports integration with Amazon Secrets Manager to streamline how you manage your master user password for your Amazon RDS database instances. With this feature, Amazon RDS fully manages the master user password and stores it in Amazon Secrets Manager whenever your Amazon RDS database instances are created, modified, or restored. The new feature supports the entire lifecycle maintenance for your Amazon RDS master user password including regular and automatic password rotations; removing the need for you to manage rotations using custom Lambda functions.
Amazon RDS integration with Amazon Secrets Manager improves your database security by ensuring your Amazon RDS master user password is not visible in plaintext to administrators or engineers during your database creation workflow. Furthermore, you have flexibility in encrypting the secrets using your own managed key or by using a KMS key provided by Amazon Secrets Manager. Amazon RDS and Amazon Secrets Manager provide you the ease and security in managing your master user password for your database instances, relieving you from complex credential management activities such as setting up custom Lambda functions to manage password rotations.
For more information on this feature on Amazon RDS and Amazon Aurora engines, versions, and region availability, please refer to the Amazon RDS and Amazon Aurora user guides.