Besides the secrets rotation how is this different from EC2 Parameter Store? I’m genuinely curious and will move away from parameter store if this provides some benefits.
Skimming the blog post, the main difference seems that it allows you to basically store a dict of key/value pairs for each secret. So for example, you could store all the user/pass/host/port for a DB connection as a secret. If I recall correctly, Parameter Store could only store a single SecureString for each secret.
ParameterStore lets you store String, StringList or SecureString. But there's no limit to SecureString.
A SecureString can be `postgres://admin:hunter2@localhost:5432/db`. It can also be `{"username": "admin", "password": "hunter2", "host": "localhost", "port": "5432"}`.
Sure you could do that if you don't mind adding in your own string->dict conversion. I wouldn't be surprised if the internal implementation is near-identical. Secrets Manager seems like a slightly more easy-to-use version of Parameter Store that's also visible, instead of hidden away inside Systems Manager.