AWS Secrets storage hierarchy

How can we ensure that the storage hierarchy of the secrets in AWS secrets management is maintained when we move those secrets to Conjur?
Thank you!

Hi kam,

Can you elaborate more on the hierarchy you’re using in AWS Secrets manager?


Hi Nate,
Here is an example of hierarchy in AWS secrets manager.

  1. Secrets used by ALL service in the platform:

  2. Secrets used by all Services in a Domains: /

  3. Secrets used by a specific service in that domain: //

During DAP migration, can we maintain this hierarchy? Another question along the same lines: Can we have access control based on hierarchy. If access is on the parent, can we lock down access on child and vice versa?

Also do you have experience with AWS secrets migration to DAP? It would be greatly appreciated if you could share your recommendations/do’s/don’t’s.

Thank you!