Although AWS Secrets Manager is not solely focused on key infrastructure, it does offer the ability to maintain a level of security protection for any API keys, in addition to other secrets. You might be wondering what is actually considered a secret? Within Secrets Manager, a secret is something that you want to remain hidden and protected instead of being available with open access to anyone who can read it. This can include database credentials across Amazon Redshift clusters and Amazon RDS, instance passwords, plaintext, or, as I mentioned earlier, API keys.
AWS Secrets Manager holds, protects, and contains this sensitive information for you, allowing other services and applications to call for the secret via a simple API call. This negates the need for your application developers to hardcode any secrets or credentials within your applications. Instead, when a secret value is required, an API call to AWS Secrets Manager is triggered that will then return...