One of the important application security controls is secrets management. Secrets are things like passwords, API keys, or other pieces of data used for access control. For example,the AWS access and secret key to access an Amazon S3 bucket, or OAuth credentials to interact with Salesforce Revenue Cloud.
Usage Engine provides the capabilities to manage these secrets through Secret Wallets. It enables users to store and manage their access credentials(from Usage Engine’s stream to external system) and attach it on multiple Functions and Streams without re-entering same access info again.
The configured access credentials in the Secret Wallets are safely and securely store by the Usage Engine leverage on AWS Key Management Service (KMS). Each customer’s account has one key that could only be used to encrypt and decrypt secrets in their account level.In other words, the configured secrets are only accessible by the account’s users.