When you need to create a username and password for a new database, what do you do? Use the same credentials every time? Use a password manager?

What if you’re deploying infrastructure-as-code? Do you ask a trusted human to remember the credentials? Do you keep the details in a shared notebook, or in source control?

What’s the worst that could happen, right?

I’ll show you how to script the creation, encryption and storage of secrets in AWS. No human needs to see that password, know that password, or type in that password. Only the code that needs access will be granted access.

Session takeaways

• Introduction to some AWS technologies, including Access and Identity Management, Key Management and Secrets Management.
• Introduction to infrastructure-as-code via Golang, and infrastructure-as-a-service via lambda functions.
• Ideas for securely deploying databases and managing database access in Amazon Web Services.

Bio

Cariad was a Software Team Lead for the best DevOps squad in Thomson Reuters, but the allure of independence was irresistible; now she’s a freelance writer, coder-for-hire, blogger at cariad.me and getcodelove.com and soon-to-be indie author.

She loves science fiction, infrastructure-as-code and wondering where her next paycheque will come from.