Creating a secret key
Create and configure a secret name and secret access key for the secret user on the AWS management console.
Before you begin
Procedure
- Log in to the Amazon AWS management console and ensure that you are connected to the relevant data center.
- Access Secrets Manager to view, edit, or create a secret.
- Edit a secret by clicking the Secret name. To create a secret, click Store a new secret.
- Select the secret type by clicking Credentials for RDS database.
- Enter the secret username and password.
- Use the DefaultEncryptionKey to encrypt your secret information.
- Choose your RDS database and click Next.
- Enter a Secret name and description. This secret name is used in the Guardium® datasource definition to reference your datasource and retrieve the datasource credentials.
- Select Enable automatic rotation and select the required rotation interval from the drop-down.
- Select Create a new Lambda function to perform rotation.
- In the SecretsManager field, enter your secret name.
- Under Select which secret will be used to perform the rotation, select Use this secret. Then, click Next.
- Review your entries, then click Store.
Results
- View the username and password by clicking Retrieve secret value.
- Change the password for the secret user, if required, by clicking Rotate secret immediately.
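A scripted check of the stored secret, given here as an added example that is not part of the original documentation: it confirms that automatic rotation is enabled with a Lambda function and an interval, and that the secret value carries the username and password entered in the procedure. The function name, the 90-day limit, and the sample data are assumptions; the inputs are shaped like the boto3 `describe_secret` response and the `SecretString` from `get_secret_value`.

```python
import json

MAX_ROTATION_DAYS = 90  # assumed policy limit, not a value from the page

def audit_secret(describe, secret_string, max_days=MAX_ROTATION_DAYS):
    """Return a list of findings; an empty list means the checks passed.

    describe      -- dict shaped like a DescribeSecret response
    secret_string -- the SecretString returned by GetSecretValue
    """
    findings = []
    if not describe.get("RotationEnabled"):
        findings.append("automatic rotation is not enabled")
    else:
        if not describe.get("RotationLambdaARN"):
            findings.append("rotation is enabled but no Lambda function is attached")
        rules = describe.get("RotationRules") or {}
        days = rules.get("AutomaticallyAfterDays")
        if days is None and not rules.get("ScheduleExpression"):
            findings.append("no rotation interval is set")
        elif days is not None and days > max_days:
            findings.append(f"rotation interval of {days} days exceeds {max_days}")
    try:
        value = json.loads(secret_string)
    except (TypeError, ValueError):
        value = None
    if not isinstance(value, dict):
        findings.append("secret value is not a JSON object")
    else:
        for field in ("username", "password"):
            # Report the field name only; never echo the credential itself.
            if not isinstance(value.get(field), str) or not value[field]:
                findings.append(f"secret value has no usable '{field}'")
    return findings

# Constructed sample data (not real resources or credentials).
GOOD_DESCRIBE = {
    "Name": "example/guardium-rds",
    "RotationEnabled": True,
    "RotationLambdaARN": "arn:aws:lambda:us-east-1:111122223333:function:example-rotation",
    "RotationRules": {"AutomaticallyAfterDays": 30},
}
GOOD_VALUE = json.dumps({"username": "guardium_user", "password": "constructed-not-real"})
BAD_DESCRIBE = {"Name": "example/guardium-rds", "RotationEnabled": False}
BAD_VALUE = json.dumps({"username": "guardium_user"})

if __name__ == "__main__":
    for label, d, v in (("good", GOOD_DESCRIBE, GOOD_VALUE), ("bad", BAD_DESCRIBE, BAD_VALUE)):
        print(label, audit_secret(d, v) or "OK")
```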