How To Replicate Secrets In AWS Secret Manager

Hello Everyone

Welcome to CloudAffaire and this is Debjeet.

In today’s blog post, we will discuss how to replicate secrets from one region to another in AWS Secrets Manager. If you are building a multi-region application and need to store your application secrets in AWS Secrets Manager, you can use its secret replication feature to replicate the secrets from one source region to multiple target regions. The replication happens in almost real time and should not impact your secondary region applications when you rotate the secrets in the primary region.

How To Replicate Secrets In AWS Secret Manager:

Prerequisites:

  • AWS CLI installed and configured with proper access. You can use the links below to install and configure the AWS CLI.

https://cloudaffaire.com/how-to-install-aws-cli/

https://cloudaffaire.com/how-to-configure-aws-cli/

Step 1: Create a new KMS key in the primary region. This key will be used to encrypt your secrets in the primary region.

Step 2: Create a new secret in Secrets Manager in the primary region.

Before we enable secret replication between the primary and secondary regions, we need to create a new KMS key in the secondary region to encrypt the secret there.

Step 3: Create a new KMS key in the secondary region.

Step 4: Configure secret replication between the primary and secondary regions.

Note: You can replicate secrets to multiple secondary regions.

Step 5: Validate if the secret is replicated to the secondary region.

Next, we are going to update the secret in the primary region. The update should get replicated to the secondary region in near real time.

Step 6: Update the secret in the primary region.

Step 7: Validate if the update is successfully replicated to the secondary region.

We have successfully created secret replication and also tested if the replication works. Next, we are going to delete all the resources deployed in this demo to avoid any additional cost.

Step 8: Clean up.
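
The eight steps above as one AWS CLI script, added here as an example (it is not the original post's commands). The regions, secret name, secret values and the `RUN_DEMO` and `POLL_SECONDS` variables are assumptions.

```shell
#!/bin/sh
# Added example. Regions, secret name and values are constructed placeholders.
PRIMARY="${PRIMARY:-us-east-1}"
SECONDARY="${SECONDARY:-us-west-2}"
SECRET_NAME="${SECRET_NAME:-demo/app/db-password}"
new_key() {  # Steps 1 and 3: create a KMS key in region $1, print its key ID
  aws kms create-key --region "$1" --description "secret-replication-demo" \
    --query KeyMetadata.KeyId --output text
}
replica_status() {  # replica state seen from the primary: InSync, InProgress or Failed
  aws secretsmanager describe-secret --region "$PRIMARY" --secret-id "$SECRET_NAME" \
    --query "ReplicationStatus[?Region=='$SECONDARY'].Status | [0]" --output text
}
read_secret() {  # print the current secret value stored in region $1
  aws secretsmanager get-secret-value --region "$1" --secret-id "$SECRET_NAME" \
    --query SecretString --output text
}
wait_for_replica() {  # Steps 5 and 7: 0 = in sync and values match, 1 = timed out, 2 = failed
  tries="${1:-10}"
  while [ "$tries" -gt 0 ]; do
    status="$(replica_status)"
    [ "$status" = "Failed" ] && { echo "replication to $SECONDARY failed" >&2; return 2; }
    [ "$status" = "InSync" ] &&
      [ "$(read_secret "$SECONDARY")" = "$(read_secret "$PRIMARY")" ] && return 0
    tries=$((tries - 1)); sleep "${POLL_SECONDS:-2}"
  done
  return 1
}
demo() {
  pk="$(new_key "$PRIMARY")"                                             # Step 1
  aws secretsmanager create-secret --region "$PRIMARY" --name "$SECRET_NAME" \
    --kms-key-id "$pk" --secret-string "constructed-value-1" >/dev/null  # Step 2
  sk="$(new_key "$SECONDARY")"                                           # Step 3
  aws secretsmanager replicate-secret-to-regions --region "$PRIMARY" --secret-id "$SECRET_NAME" \
    --add-replica-regions "Region=$SECONDARY,KmsKeyId=$sk" >/dev/null    # Step 4
  wait_for_replica                                                       # Step 5
  aws secretsmanager put-secret-value --region "$PRIMARY" --secret-id "$SECRET_NAME" \
    --secret-string "constructed-value-2" >/dev/null                     # Step 6
  wait_for_replica                                                       # Step 7
  # Step 8: a replicated primary cannot be deleted until its replicas are removed.
  aws secretsmanager remove-regions-from-replication --region "$PRIMARY" \
    --secret-id "$SECRET_NAME" --remove-replica-regions "$SECONDARY" >/dev/null
  aws secretsmanager delete-secret --region "$PRIMARY" --secret-id "$SECRET_NAME" \
    --force-delete-without-recovery >/dev/null
  aws kms schedule-key-deletion --region "$PRIMARY" --key-id "$pk" --pending-window-in-days 7 >/dev/null
  aws kms schedule-key-deletion --region "$SECONDARY" --key-id "$sk" --pending-window-in-days 7 >/dev/null
}
# Touches a real AWS account only when explicitly requested: RUN_DEMO=1 sh replicate.sh
if [ "${RUN_DEMO:-0}" = 1 ]; then set -eu; demo; fi
```

A value passed with `--secret-string` on the command line ends up in shell history and the process list; for a real secret, use the CLI's `file://` form to read it from a file with restricted permissions.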

Hope you have enjoyed this article. To learn more about AWS Secrets Manager, please refer to the official documentation below.

https://docs.aws.amazon.com/secretsmanager/index.html
