Automation is all about attempting to remove the human element from your workflows. Creating a system that provides oversight and security through previous testing, review, and the creation of standardized templates.

We worked our way through creating such a system that can deploy an RDS database using AWS Cloud Formation. 

In conjunction with AWS Secrets manager, this database is equipped with a secret password that is automatically rotated every 30 days.

Even if our cloud formation template were to be leaked to the internet, we have left no vector of attack available for someone to compromise. This is because we have removed the plain text password that was hardcoded into the cloud formation template, and replaced it with a dynamically created secret - which will be removed from local memory upon creation.

You can see how powerful this idea is when you apply it to creating a production-ready architecture.

Having to create all the little pieces by hand would take an incredible amount of time. However, being able to automatically build all this functionality with a CloudFormation template will save so much troubleshooting and heartache down the road.

Well, that brings us to the end of this course. My name is Will Meadows and I'd like to thank you for spending your time here learning how to automatically deploy an AWS database secured by Secretsmanger.  If you have any feedback, positive or negative, please contact us at support@cloudacademy.com, your feedback is greatly appreciated, thank you!

Lectures

Course Introduction - Why Automate? - Automating with AWS - Keeping Your Environment Secure with AWS Secrets Manager - Creating a Secret - Putting It All Together