AWS Secrets Manager enhances support for MongoDB Atlas and Confluent Cloud

AWS Secrets Manager has expanded its capabilities to include managed external secrets for MongoDB Atlas and Confluent Cloud. This new feature allows users to centrally manage and automatically rotate secrets for these third-party services directly through AWS Secrets Manager, eliminating the need to create or maintain custom Lambda rotation functions.

The integration with MongoDB Atlas accommodates two types of secrets: database user secrets, which utilize username-password authentication via SCRAM, and service account secrets that use OAuth client ID and secret. For Confluent Cloud, the integration facilitates API key rotation for service accounts, supporting both cluster-scoped and cloud resource management keys. Automatic rotation is enabled by default for all integrations, which helps prevent the use of hardcoded secrets and reduces the operational burden of managing secrets across various platforms.

By utilizing managed external secrets, AWS Secrets Manager fully handles secret rotation through partner-provided rotation logic, meaning no Lambda functions are deployed in the user’s account. This allows for seamless integration of services such as MongoDB Atlas and Confluent Kafka in data pipelines, with centralized secret management that automatically rotates database and streaming platform secrets without requiring changes to application code or separate management of rotation logic for each service.

The integrations for MongoDB Atlas and Confluent Cloud are available in all AWS Regions that support managed external secrets. These new offerings join existing integrations with services like Salesforce, Snowflake, and BigID. For more detailed information, users can refer to the AWS Secrets Manager managed external secrets documentation.