AWS Secrets Manager Agent now supports two new capabilities: pre-fetching secrets at startup and assuming an IAM role to retrieve secrets. With pre-fetching, you can specify a list of secrets or a tag value to retrieve and cache at agent startup, reducing application startup latency and optimizing cost through the BatchGetSecretValue API. With IAM role assumption, you can pass a role ARN in your pre-fetch configuration or HTTP requests for secret retrieval. The agent assumes the specified role to retrieve secrets, enabling cross-account secret retrieval by assuming a role in a different account.
Together, these enhancements strengthen your security posture through role-based secret access and reduce operational overhead by eliminating custom pre-loading logic. For example, a microservice that requires 20 secrets at startup can now pre-fetch them in a single batch operation, cutting startup latency by avoiding sequential GetSecretValue calls. IAM role assumption also simplifies multi-account architectures by enabling you to specify a different IAM role per secret.
AWS Secrets Manager Agent with pre-fetching and IAM role assumption is supported in all AWS Regions where AWS Secrets Manager is offered. To learn more, visit the AWS Secrets Manager Agent documentation.
Categories: general:products/aws-secrets-manager
Source: Amazon Web Services
Latest Posts
- Microsoft SharePoint Online: Retirement of Restricted SharePoint Search [MC1395311]
- AWS Secrets Manager introduces safe secrets handling in the Agent Toolkit for AWS
- Microsoft Entra: New service plans for Conditional Access and ID Protection for agents [MC1395007]
- (Updated) Outlook Mobile: Follow a meeting option [MC1248393]
![Microsoft Power Automate – Support for normalized schema import for data ingestion [MC1296281]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-joaojesusdesign-921294-150x150.webp "Microsoft Power Automate - Support for normalized schema import for data ingestion [MC1296281] 7")