Cross-Accounts-Secrets.md

How do I share AWS Secrets Manager secrets between AWS accounts?

Use case 1:

The Security_Account user manages your credentials, and the Dev_Account application retrieves secrets stored in the Security_Account.

Note: The secret is encrypted with a KMS key, so you also need to consider sharing the KMS key.

For example: A secret named quickstart/ExternalCMKSecret in your Security_Account is encrypted using a customer master key (CMK) named DevSecretCMK. The secret is then shared with your Dev_Account.

  1. Step 1: Follow the guide secrets-manager-share-between-accounts

  2. Run the secret-mgr-demo-external-account on EC2 or Lambda
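
Cross-account reads of a CMK-encrypted secret need three grants to line up: the resource policy on the secret, the key policy on the CMK, and the identity policy of the caller in Dev_Account. The following is an added example, not code from this repository, that checks a set of policy documents offline for the missing piece. The account IDs, the role name `DevAppRole`, the key ID and the secret ARN suffix are constructed placeholders, and the evaluation is simplified (no Deny or Condition handling).

```python
from fnmatch import fnmatchcase

# Constructed sample values (assumptions, not from the original page).
ROLE = "arn:aws:iam::222222222222:role/DevAppRole"  # hypothetical Dev_Account role
SECRET = "arn:aws:secretsmanager:us-east-1:111111111111:secret:quickstart/ExternalCMKSecret-AbCdEf"
KEY = "arn:aws:kms:us-east-1:111111111111:key/00000000-0000-0000-0000-000000000000"

def _stmt(action, resource, principal=None):
    s = {"Effect": "Allow", "Action": action, "Resource": resource}
    return {**s, "Principal": {"AWS": principal}} if principal else s

# "Version" is omitted from these sample documents for brevity.
SECRET_POLICY = {"Statement": [_stmt("secretsmanager:GetSecretValue", "*", ROLE)]}
KEY_POLICY = {"Statement": [_stmt(["kms:Decrypt", "kms:DescribeKey"], "*", ROLE)]}
IDENTITY_POLICY = {"Statement": [_stmt("secretsmanager:GetSecretValue", SECRET), _stmt("kms:Decrypt", KEY)]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _matches(patterns, value):
    # IAM-style "*" and "?" wildcards, compared case-insensitively (simplification).
    return any(fnmatchcase(value.lower(), p.lower()) for p in _as_list(patterns))

def allows(policy, action, resource, principal=None):
    """Simplified: Allow statements only; Deny and Condition are not evaluated."""
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if principal is not None:  # resource-based policy must name the caller
            named = stmt.get("Principal", {})
            if not isinstance(named, dict) or principal not in _as_list(named.get("AWS", [])):
                continue
        if _matches(stmt.get("Action", []), action) and _matches(stmt.get("Resource", []), resource):
            return True
    return False

def cross_account_gaps(secret_policy, key_policy, identity_policy, role=ROLE, secret=SECRET, key=KEY):
    """List the grants still missing for `role` to read the CMK-encrypted secret."""
    checks = [
        ("Security_Account secret policy: secretsmanager:GetSecretValue", secret_policy, "secretsmanager:GetSecretValue", secret, role),
        ("Security_Account KMS key policy: kms:Decrypt", key_policy, "kms:Decrypt", key, role),
        ("Dev_Account identity policy: secretsmanager:GetSecretValue", identity_policy, "secretsmanager:GetSecretValue", secret, None),
        ("Dev_Account identity policy: kms:Decrypt", identity_policy, "kms:Decrypt", key, None),
    ]
    return [name for name, pol, act, res, who in checks if not allows(pol, act, res, who)]

if __name__ == "__main__":
    print(cross_account_gaps(SECRET_POLICY, KEY_POLICY, IDENTITY_POLICY))
    print(cross_account_gaps(SECRET_POLICY, {"Statement": []}, IDENTITY_POLICY))
```

Keeping each grant scoped to the single role and the single secret, as in the sample documents, limits what the Dev_Account can read if its role is compromised.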