Maintained with ☕️ by
IcePanel logo

AWS Secrets Manager is now FedRAMP compliant



You can now use AWS Secrets Manager to manage secrets for applications that are subject to Federal Risk and Authorization Management Program (FedRAMP) Moderate and High baselines, in both Commercial and AWS GovCloud (US) Regions. This is in addition to compliance with [U.S. Health Insurance Portability and Accountability Act (HIPAA)](/compliance/hipaa-compliance/), [Payment Card Industry Data Security Standard (PCI DSS)](/compliance/pci-dss-level-1-faqs/), [System and Organizational Controls (SOC)](/compliance/soc-faqs/) and [International Organization for Standardization (ISO)](/compliance/iso-certified/) requirements announced by AWS Secrets Manager [previously](/compliance/services-in-scope/). AWS Secrets Manager enables you to retrieve and manage secrets such as database credentials and API keys throughout their lifecycle. AWS Secrets Manager also makes it easier to follow the security best practice of using short-term secrets by [rotating secrets safely]( on a schedule that you determine. For example, you can [configure Secrets Manager to rotate a database credential]( daily, turning a typical, long-term secret in to a short-term secret that is rotated automatically. To learn more about Secrets Manager, visit the [documentation]( or read our blogs on how to [Store, Distribute, and Rotate Credentials Securely]( and [Rotate Amazon RDS database credentials automatically with Secrets Manager]( To get started, visit the [Secrets Manager home page](/secrets-manager/). Security and compliance, including FedRAMP, is a [shared responsibility](/compliance/shared-responsibility-model/) between AWS and you. For example, it is your responsibility to configure and manage secrets stored in AWS Secrets Manager to meet FedRAMP requirements. To learn more about the actions you may need to take to meet FedRAMP compliance requirements, read the [AWS Cloud Compliance](/compliance/) and [FedRAMP compliance](/compliance/fedramp/) webpages. For a comprehensive list of access-controlled documents relevant to compliance and security in the AWS Cloud, see [AWS Artifact](/artifact/).