Migrating Hard-coded Secrets in AWS Lambda to AWS Secrets Manager

Lab Steps

lock
Logging in to the Amazon Web Services Console
lock
Making a Simple API Call with AWS Lambda
lock
Migrating a Hard-coded Secret to AWS Secrets Manager
lock
Retrieving a Secret from AWS Secrets Manager with AWS Lambda

The hands-on lab is part of these learning paths

Ready for the real environment experience?

DifficultyIntermediate
Time Limit1h 20m
Students90
Ratings
5/5
starstarstarstarstar

Description

AWS Secrets Manager is a fully managed service for managing sensitive digital credentials. Types of secrets that can be managed with AWS Secrets Manager include API keys, passwords, tokens, and certificates. AWS Secrets Manager also addresses the security and maintenance concerns that come with hardcoding sensitive pieces of data directly in your code.

With AWS Secrets Manager, you can replace hard-coded credentials in your code by retrieving the secret programmatically using an AWS Secrets API call.

In this lab, you will migrate a hard-coded API key in an AWS Lambda function to AWS Secrets Manager and update the function code to follow a secure pattern that is also easy to maintain.

Learning Objectives

Upon completion of this lab, you will be able to:

  • Store a secret in AWS Secrets Manager
  • Access a secret from an AWS Lambda function

Intended Audience

  • Candidates for the AWS Certified Solutions Architect - Associate exam
  • Cloud Architects
  • Software Engineers

Prerequisites

Familiarity with the following will be beneficial but is not required:

  • Secret Management
  • The Python programming language
  • The Linux command line

The following courses and labs can be used to fulfill the prerequisite:

Environment before
PREVIEW
arrow_forward
Environment after
PREVIEW
About the Author
Students12908
Labs37
Learning paths1

Jun is a Cloud Labs Developer with previous experience as a Software Engineer and Cloud Developer. He holds the AWS Certified Solutions Architect and DevOps Engineer Professional certifications. He also holds the AWS Certified Solutions Architect, Developer, and SysOps Administrator Associate certifications. 

Jun is focused on giving back to the growing cloud community by sharing his knowledge and experience with students and creating engaging content.