11Oca
How are companies automatically rotating secrets such as API keys?
We currently rotate AWS-specific secrets via AWS Secrets Manager without much issue. However, we are looking to also rotate secrets e.g. API keys for specific services, but AWS Secrets Manager does not support this, and it seems that HashiCorp Vault has some limited secrets engines.
What is the best practice for rotating secrets such as API keys automatically when someone offboards from the team? The fear is that teammates have the secrets on their local machines during development, and some of them could be lost to malicious actors if they're never rotated on our end.
