Storing public certificates and private keys in AWS

Time:02-12

I have a use case where I want to use certificate-based authentication in AWS Lambda to generate OAuth tokens. Currently I am storing the certificates and private keys locally and running it like a normal Java application.

However while migrating to AWS Lambda, I need to store these .crt and .key files somewhere in AWS, so that I can use it in AWS Lambda. I have come across some solutions like

1. Storing certs and keys in S3 buckets

2. Storing certs and keys in Secrets Manager

3. Storing them in Amazon Certificate Manager

Can someone please help with which method is efficient and optimal for storing certs and keys?

CodePudding user response:

AWS ACM is not a regular secret store which you can query anytime you want to get your secrets back. ACM can only be used through integration with selected services such as load balancers. You can't use it with a Lambda function.

Your only choices are AWS Secrets Manager and SSM Parameter Store. SSM Parameter Store is free, but AWS Secrets Manager has some extra features such as automated rotation of secrets.
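
An added example, not part of the original answer and written in Python rather than the asker's Java: a Lambda handler that reads the certificate and key from Secrets Manager, caches them while the container is warm, and writes them to `/tmp` with owner-only permissions for TLS libraries that need file paths. The secret's JSON layout (`certificate`, `private_key`), the `CLIENT_CERT_SECRET_ID` environment variable and the file names are assumptions.

```python
import json
import os
import re

_CACHE = {}  # module scope: reused while the Lambda container stays warm


def _require_pem(text, kind):
    """Fail closed if the value is not a PEM block of the expected kind."""
    pattern = rf"-----BEGIN (?:[A-Z]+ )?{kind}-----.+-----END (?:[A-Z]+ )?{kind}-----"
    if not re.search(pattern, text, re.S):
        raise ValueError(f"secret field is not a PEM {kind}")  # never echo the value
    return text


def load_identity(secrets_client, secret_id):
    """Return (cert_pem, key_pem), calling Secrets Manager once per container."""
    if secret_id not in _CACHE:
        resp = secrets_client.get_secret_value(SecretId=secret_id)
        doc = json.loads(resp["SecretString"])  # assumed JSON layout, see lead-in
        _CACHE[secret_id] = (
            _require_pem(doc["certificate"], "CERTIFICATE"),
            _require_pem(doc["private_key"], "PRIVATE KEY"),
        )
    return _CACHE[secret_id]


def _write_owner_only(path, text):
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    os.fchmod(fd, 0o600)  # enforce the mode even if the file already existed
    with os.fdopen(fd, "w") as fh:
        fh.write(text)
    return path


def materialize(secrets_client, secret_id, directory="/tmp"):
    """Write the pair to files for TLS libraries that only accept paths."""
    cert, key = load_identity(secrets_client, secret_id)
    return (_write_owner_only(os.path.join(directory, "client.crt"), cert),
            _write_owner_only(os.path.join(directory, "client.key"), key))


def handler(event, context):
    import boto3  # shipped with the Lambda Python runtime
    client = boto3.client("secretsmanager")
    secret_id = os.environ["CLIENT_CERT_SECRET_ID"]  # hypothetical variable name
    cert_path, key_path = materialize(client, secret_id)
    # Hand (cert_path, key_path) to the HTTP client that requests the OAuth token.
    return {"cert_loaded": os.path.exists(cert_path) and os.path.exists(key_path)}
```

The function's execution role needs `secretsmanager:GetSecretValue` on that one secret only; scoping the policy to the secret's ARN keeps other functions in the account from reading the key.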
