AWS Secrets Manager – Multi-Region Secrets

Overview

  • Allows secrets to be replicated across multiple AWS regions to support global workloads and disaster recovery.
  • Replication ensures that applications in different regions can access secrets locally with minimal latency.

Key Features

  • Replication
    • Create a primary secret in one region and replicate it to one or more secondary regions.
    • Replicas are read-only; all writes go to the primary, and the replicas stay synchronized with it.
  • Promotion
    • A replica can be promoted to a standalone secret if the primary region is unavailable.
    • Ensures continuity in disaster recovery scenarios.
  • Consistency
    • Secrets are automatically updated across all replicas when the primary changes.

Use Cases

  • Multi-region applications that require local access to secrets.
  • Disaster recovery plans where a failover region must have up-to-date credentials.
  • Supporting global databases (e.g., Aurora Global Database) that require the same credentials in multiple regions.

Example

  • Primary: MySecret-A in us-east-1.
  • Replica: MySecret-A in us-west-2 (read-only).
  • Applications in either region read the same secret from their local endpoint, with no cross-region call on the request path.
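The replication, consistency check and promotion steps above, and the failover read in the example, as an added worked example (not part of the original note and not AWS's own code). The boto3 operations it names are real Secrets Manager API calls (replicate_secret_to_regions, describe_secret, get_secret_value, stop_replication_to_replica); the fake client at the bottom, the describe_secret response and the account ID are constructed so the logic runs offline. Secret and region names follow the note's example.

```python
"""Multi-region secret helpers for AWS Secrets Manager (added example).

Request builders and status checks are pure functions; anything that talks
to AWS goes through the client object passed in, so a real boto3 client
(boto3.client("secretsmanager", region_name=...)) or the constructed
FakeSecretsManager below can be used interchangeably.
"""
from typing import Any, Dict, Iterable, List, Optional

PRIMARY_REGION = "us-east-1"      # from the note's example
REPLICA_REGIONS = ["us-west-2"]   # from the note's example
SECRET_NAME = "MySecret-A"        # from the note's example


def replicate_request(secret_id: str, regions: Iterable[str],
                      kms_key_ids: Optional[Dict[str, str]] = None,
                      force_overwrite: bool = False) -> Dict[str, Any]:
    """Build kwargs for client.replicate_secret_to_regions(**kwargs).

    Each replica is encrypted with a KMS key in its own region; without an
    explicit key the AWS-managed key aws/secretsmanager of that region is used.
    ForceOverwriteReplicaSecret defaults to False so an unrelated secret with
    the same name in the target region is not silently replaced.
    """
    kms_key_ids = kms_key_ids or {}
    add = []
    for region in regions:
        entry: Dict[str, str] = {"Region": region}
        if region in kms_key_ids:
            entry["KmsKeyId"] = kms_key_ids[region]
        add.append(entry)
    return {"SecretId": secret_id, "AddReplicaRegions": add,
            "ForceOverwriteReplicaSecret": force_overwrite}


def replication_health(describe_response: Dict[str, Any],
                       expected_regions: Iterable[str]) -> Dict[str, str]:
    """Map each expected replica region to its ReplicationStatus.Status.

    A region absent from the response is reported as "Missing": a secret that
    was rotated on the primary but never reached the failover region is the
    gap a DR drill should find before a real outage does.
    """
    reported = {r["Region"]: r.get("Status", "Unknown")
                for r in describe_response.get("ReplicationStatus", [])}
    return {region: reported.get(region, "Missing") for region in expected_regions}


def all_in_sync(health: Dict[str, str]) -> bool:
    """True only when every expected replica reports InSync."""
    return bool(health) and all(s == "InSync" for s in health.values())


def promote_replica(replica_client: Any, secret_id: str) -> str:
    """Promote the replica in replica_client's region to a standalone secret.

    stop_replication_to_replica is called with a client bound to the replica
    region; afterwards that copy accepts writes and is no longer updated from
    the old primary. Returns the ARN of the promoted secret.
    """
    return replica_client.stop_replication_to_replica(SecretId=secret_id)["ARN"]


def read_secret_with_failover(clients_by_region: Dict[str, Any], secret_id: str,
                              preferred: List[str]) -> Dict[str, str]:
    """Read from the nearest region first, falling back through `preferred`.

    Returns {"region": <served from>, "value": <SecretString>}. A client error
    moves on to the next region; the last error is re-raised if none answers.
    """
    last_error: Optional[Exception] = None
    for region in preferred:
        client = clients_by_region.get(region)
        if client is None:
            continue
        try:
            resp = client.get_secret_value(SecretId=secret_id)
            return {"region": region, "value": resp["SecretString"]}
        except Exception as exc:  # botocore ClientError/EndpointConnectionError in practice
            last_error = exc
    raise RuntimeError(f"{secret_id} unreadable in {preferred}") from last_error


# --- constructed fake client and response so the example runs offline -----
class FakeSecretsManager:
    def __init__(self, region: str, value: Optional[str], healthy: bool = True):
        self.region, self.value, self.healthy = region, value, healthy

    def get_secret_value(self, SecretId: str) -> Dict[str, Any]:
        if not self.healthy:
            raise RuntimeError(f"{self.region} unavailable")
        return {"Name": SecretId, "SecretString": self.value}

    def stop_replication_to_replica(self, SecretId: str) -> Dict[str, str]:
        # 123456789012 is a placeholder account ID, not a real account
        return {"ARN": f"arn:aws:secretsmanager:{self.region}:123456789012:secret:{SecretId}-AbCdEf"}


SAMPLE_DESCRIBE = {  # constructed describe_secret response for a healthy primary
    "Name": SECRET_NAME,
    "ReplicationStatus": [{"Region": "us-west-2", "KmsKeyId": "alias/aws/secretsmanager",
                           "Status": "InSync"}],
}

if __name__ == "__main__":
    print(replicate_request(SECRET_NAME, REPLICA_REGIONS))
    health = replication_health(SAMPLE_DESCRIBE, REPLICA_REGIONS)
    print(health, "in sync:", all_in_sync(health))
    clients = {PRIMARY_REGION: FakeSecretsManager(PRIMARY_REGION, None, healthy=False),
               "us-west-2": FakeSecretsManager("us-west-2", '{"username":"app","password":"x"}')}
    print(read_secret_with_failover(clients, SECRET_NAME, [PRIMARY_REGION, "us-west-2"]))
    print("promoted:", promote_replica(clients["us-west-2"], SECRET_NAME))
```

The failover reader is deliberately read-only: during an outage the application keeps using the replica, and promotion is a separate, operator-driven step, because once stop_replication_to_replica has run the copy no longer follows the old primary and the two regions can drift.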