AWS Secrets Manager Agent now supports two new capabilities: pre-fetching secrets at startup and assuming an IAM role to retrieve secrets. With pre-fetching, you can specify a list of secrets or a tag value to retrieve and cache at agent startup, reducing application startup latency and optimizing cost through the BatchGetSecretValue API. With IAM role assumption, you can pass a role ARN in your pre-fetch configuration or HTTP requests for secret retrieval. The agent assumes the specified role to retrieve secrets, enabling cross-account secret retrieval by assuming a role in a different account.
Together, these enhancements strengthen your security posture through role-based secret access and reduce operational overhead by eliminating custom pre-loading logic. For example, a microservice that requires 20 secrets at startup can now pre-fetch them in a single batch operation, cutting startup latency by avoiding sequential GetSecretValue calls. IAM role assumption also simplifies multi-account architectures by enabling you to specify a different IAM role per secret.
AWS Secrets Manager Agent with pre-fetching and IAM role assumption is supported in all AWS Regions where AWS Secrets Manager is offered. To learn more, visit the AWS Secrets Manager Agent documentation.
Categories: general:products/aws-secrets-manager
Source: Amazon Web Services
Latest Posts
- AWS Lambda Managed Instances expands to additional AWS Regions
- (Updated) Microsoft 365 Copilot: Updates to memory and personalization [MC1158329]
- (Updated) New entry point for “Create pages with Copilot in SharePoint” [MC1324284]
- Outlook Actionable Messages onboarding portal refresh: new experience and updated URL [MC1384409]
![Microsoft Power Automate – Support for normalized schema import for data ingestion [MC1296281]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-joaojesusdesign-921294-150x150.webp "Microsoft Power Automate - Support for normalized schema import for data ingestion [MC1296281] 7")