We are planning on using doing a small poc for secrets manager ourselves. We have on prem and multi cloud environment. Can you please elaborate on secrets manager not being a good option for multi cloud/hybrid environment?
I would suggest going for Vault/Secrets manager. Using IAM can lock you to use only RDS. For a case where you're using hybrid/multi-cloud infrastructure, IAM won't fit in. Or if you're completely on AWS, there have been cases where organisations jump back to Postgres on EC2 from RDS for costs and performance reason. At least no change of code is required in case of Vault/Secrets manager.
Using secrets manager over vault also has some advantages, like managing 1 or maybe 2(in case you're using some unmanaged service as vault backend) less components in your infrastructure. But again secrets manager isn't a good option if you're using multi-cloud/hybrid infrastructure.
Happy to help :)
Prince Pathria Systems Engineer Evive +91 9478670472 goevive.com
I hope you all are well. Basically I am considering to implement a centralised authentication solution for AWS/RDS/PostgreSQL. Last two options on table are Vault and IAM. Have you made any similar decision and can you share your experience?