If you are running Symfony 5, there are a couple of ways to keep your application's sensitive information (like database credentials) secret. One w...
For further actions, you may consider blocking this person and/or reporting abuse
It is very interesting but there is a main issue concerning security aspect : the constup bundle requires AWS Credentials stored in the host. It is not a safe way to do. It would be better to use the instance profile permission to access to the secret in the secret manager. In this way, it is not necessary to know the AWS credentials. Clearly the instance profile should be granted to access to the AWS Secret manager.
You may want to take a look at my other article: dev.to/nikolastojilj12/safe-and-si... That article covers pretty much all environments: from EC2 instances to bare metal local setups.
Thanx for your post! I would suggest also if you have big trafic to cache credential to avoid latency and secret management calling limit exceeding.
my question is about auto rotation of password that can be activated on RDS : is there something in doctrine that could handle easily the changing "on the fly" like catching every "connection error due to wrong credential" and update secret in code before retrying the sql query ?