Exam AWS Certified Cloud Practitioner topic 1 question 676 discussion

B. AWS Secrets Manager "Secrets Manager helps you improve your security posture, because you no longer need hard-coded credentials in application source code. Storing the credentials in Secrets Manager helps avoid possible compromise by anyone who can inspect your application or the components. You replace hard-coded credentials with a runtime call to the Secrets Manager service to retrieve credentials dynamically when you need them. With Secrets Manager, you can configure an automatic rotation schedule for your secrets. This enables you to replace long-term secrets with short-term ones, significantly reducing the risk of compromise. Since the credentials are no longer stored with the application, rotating credentials no longer requires updating your applications and deploying changes to application clients." https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html

AWS Secrets Manager is a fully managed service that helps you protect access to applications, services, and IT resources. It enables you to store and manage credentials, secrets, and other sensitive information such as database passwords, API keys, and SSH keys. You can also rotate secrets automatically and use fine-grained access control to ensure that only authorized users and applications can access them. AWS Key Management Service (AWS KMS) is a managed service that makes it easy to create and control the encryption keys used to encrypt your data. While AWS KMS can be used to protect sensitive data, it is not specifically designed to store and manage database credentials.

AWS Secrets Manager helps you manage, retrieve, and rotate database credentials, API keys, and other secrets throughout their lifecycles. Ref link: https://aws.amazon.com/secrets-manager/#:~:text=AWS%20Secrets%20Manager%20helps%20you,other%20secrets%20throughout%20their%20lifecycles.