Mar 2
Loading video player...
Leaking secrets in your CI/CD pipeline is a major security risk that can lead to data breaches and compliance violations. In this episode of our DevOps Fundamentals series, we dive deep into secure secrets management using AWS Secrets Manager. You'll learn how to move away from risky hard-coded credentials and instead use a fully managed service to store, retrieve, and rotate secrets like API keys and database credentials securely. Weβll also walk through a hands-on demo integrating AWS Secrets Manager with GitHub Actions. π₯ Join our Cloud Guru WhatsApp Community: https://www.whatsapp.com/channel/0029Va8fH154IBhEu3t21y2o πGet CloudWays β https://www.cloudways.com/en/?id=1365224 π₯CloudWays COUPON CODE: CLOUDGURU25 βοΈβοΈ USE THE EXCLUSIVE COUPON CODE ABOVE TO GET 25% OFF FOR 3 MONTHSπ₯ πGet xCloud Now! βΊ https://xcloud.host?fpr=cloudguru π₯Get $200 FREE Credits for signup. So, hurry up!π₯ βββ¦βββ¦ββββ¦ββ¦β¦β¦β¦ββββ βββ£βββββ£ββ£ββ£ββ£βββ£ββ£ β βββββββ ββββ£βββββββ£ βββ©βββ©ββ©ββ©ββ©βββ©ββ©ββ In this video, we cover: Why secrets management is essential for secure DevOps pipelines. Key features of AWS Secrets Manager: Encryption (KMS), versioning, and automatic rotation. Step-by-step demo: Storing a JSON secret in AWS. Configuring IAM policies and users for secure access. Setting up GitHub Actions to fetch secrets at runtime using the AWS CLI and jq. Timeline: 00:00 - Introduction to Secrets Management 00:40 - Why Secrets Management Matters 01:11 - AWS Secrets Manager Overview & Key Features 02:07 - Integration Strategies for CI/CD 02:33 - Hands-on Demo: Integrating AWS Secrets Manager with GitHub Actions 03:21 - Step 1: Storing a Secret in AWS console 04:33 - Step 2: Creating an IAM User and Custom Policy 06:13 - Step 3: Generating Access Keys for GitHub 07:14 - Step 4: Configuring GitHub Repository Secrets 09:14 - Step 5: Building the GitHub Actions Workflow 11:00 - Troubleshooting: Fixing Region and Authorization Issues 13:19 - Summary and What's Next If you found this helpful, don't forget to like, subscribe, and hit the bell icon for more DevOps and Cloud tutorials! β‘ Watch till the end to see the architecture pattern most teams miss. If you want the architecture diagram or code template, comment βSECRETSβ below. #aws #devops #secretsmanager #githubactions #cloudsecurity #cicd #awscloud #cybersecurity