Re: Vault or AWS/IAM

Hi Prince,
We are planning on using doing a small poc for secrets manager ourselves.
We have on prem and multi cloud environment. Can you please elaborate on
secrets manager not being a good option for multi cloud/hybrid environment?
Thank you

On Tue, Apr 7, 2020, 3:34 PM Prince Pathria <prince(dot)pathria(at)goevive(dot)com>
wrote:

> I would suggest going for Vault/Secrets manager.
> Using IAM can lock you to use only RDS.
> For a case where you're using hybrid/multi-cloud infrastructure, IAM won't
> fit in.
> Or if you're completely on AWS, there have been cases where organisations
> jump back to Postgres on EC2 from RDS for costs and performance reason. At
> least no change of code is required in case of Vault/Secrets manager.
>
> Using secrets manager over vault also has some advantages, like managing 1
> or maybe 2(in case you're using some unmanaged service as vault backend)
> less components in your infrastructure. But again secrets manager isn't a
> good option if you're using multi-cloud/hybrid infrastructure.
>
> Happy to help :)
> Prince Pathria Systems Engineer Evive +91 9478670472 goevive.com
>
>
> On Tue, Apr 7, 2020 at 12:13 PM Toomas Kristin <toomas(dot)kristin(at)gmail(dot)com>
> wrote:
>
>> Hi,
>>
>> I hope you all are well. Basically I am considering to implement a
>> centralised authentication solution for AWS/RDS/PostgreSQL. Last two
>> options on table are Vault and IAM. Have you made any similar decision and
>> can you share your experience?
>>
>> BR,
>> Toomas
>>
>>
>>
>>