Skip to content
Z Zendikt
A
Secrets Management Software · Rank #4 of 10

AWS Secrets Manager review and pricing

Native AWS secrets service for AWS-anchored estates.

By Amazon Web Services · Founded 2018 · Seattle, WA · public

AWS Secrets Manager is the native AWS service for secrets storage, rotation, and retrieval, launched 2018 and integrated tightly with AWS KMS, IAM, RDS, Lambda, ECS, and EKS. Best fit for AWS-anchored estates where the value of native integration outweighs the cost of AWS lock-in. The pricing model (per-secret per month plus per-API-call) creates surprises for teams that did not anticipate fan-out across microservices, and rotation is automated only for a fixed set of supported AWS targets; everything else requires custom Lambda rotation functions. Cross-cloud or hybrid-estate buyers will hit the limits of an AWS-only secrets posture quickly.

Visit AWS Secrets Manager Vendor pricing Compare to 1Password Secrets Automation
Best for

AWS-anchored estates (any size) where the native integration value outweighs portability cost, and rotation targets are limited to AWS-supported services.

Worst for

Cross-cloud or hybrid-estate organizations, or buyers wanting deep dynamic credentials and PKI in one platform.

Vendor Trust Score

Is AWS Secrets Manager a trustworthy vendor?

8.2/10
High trust
Pricing transparency
Published rates; no hidden fees
9.0
Contract fairness
Reasonable terms; no auto-renew traps
7.5
Incident response
How they handle outages and breaches
8.5
Post-acquisition behavior
Customer treatment after M&A or PE
7.5
Executive stability
Leadership churn over 24 months
8.5
Roadmap honesty
Public commitments held
8.0
Trust signal log
  • 2018-04-04
    AWS Secrets Manager launched
  • 2023-11-15
    BatchGetSecretValue API launched
    Reduced fan-out cost concerns for microservices estates.
  • 2024-09-09
    Per-secret pricing remained unchanged for the seventh year
    Pricing model is stable but per-secret economics still surprise teams at high secret counts.
Vendor Trust is scored independently of product quality. A great product from an unfair vendor still earns a low trust score.
Review Intelligence

What 620 reviews actually say

Synthesized from G2, Capterra, Reddit, Trustpilot. Patterns >15% prevalence shown.

Last synthesized
2026-04-29

Praise patterns

  • Native AWS integration with KMS, IAM, RDS
    87%
  • Pricing fully public on AWS pricing page
    71%
  • Automatic rotation for supported AWS targets
    51%

Complaint patterns

  • AWS lock-in; not portable across clouds
    64%
  • Per-secret per month plus API cost surprises at fan-out
    47%
  • Rotation requires custom Lambda for non-AWS targets
    41%
  • No first-class developer UX
    31%
Sentiment trend (6 months)
80/100 +2 pts
12
01
02
03
04
05
Patterns are extracted from review corpus and human-verified. We surface trends, not anecdotes.
Verified Pricing

What buyers actually pay

87 anonymized deal disclosures · last updated 2026-05-01

Contribute your deal price
Company size Median annual
50-500 secrets $720
500-5,000 secrets $6,000
5,000+ secrets $36,000
Verified pricing is crowdsourced from buyers under anonymity guarantees. Vendor-listed prices are validated against actual deals quarterly.
Compliance & Security

Auto-verified certifications

Verified 2026-05-01
SOC 2 Type II
ISO 27001
HIPAA
GDPR
CCPA
PCI DSS
FedRAMP Authorized

Editorial: Strengths

  • Native AWS integration with KMS, IAM, RDS, Lambda, ECS, EKS
  • Automatic rotation for supported targets (RDS engines, Redshift, DocumentDB)
  • Tight IAM policy model with resource-based and identity-based policies
  • High durability and AWS-region availability inherited from the platform
  • Pricing model is fully public on the AWS pricing page
  • No separate vendor relationship for AWS-only estates

Editorial: Weaknesses

  • AWS lock-in; not a portable secrets posture across clouds
  • Per-secret per month plus per-API-call pricing creates surprises at fan-out
  • Rotation automated only for fixed supported targets; everything else needs custom Lambda
  • No first-class developer UX; AWS console is acceptable but not delightful
  • No PKI engine; ACM Private CA is a separate AWS service
  • Cross-account access requires explicit policy work

Key features & integrations

  • +Encrypted secret storage with AWS KMS
  • +Automatic rotation for supported AWS targets (RDS, Redshift, DocumentDB)
  • +Custom rotation via Lambda functions
  • +IAM resource-based and identity-based policies
  • +CloudTrail audit logging integrated
  • +Tight integration with RDS, Lambda, ECS, EKS, CodeBuild
  • +Cross-Region replication
  • +Resource tagging and ABAC
  • +VPC endpoint support
50+ integrations
AWS LambdaAWS RDSAWS ECSAWS EKSAWS CloudTrailAWS IAMAWS KMSAWS CodeBuildHashiCorp Vault (federation)Doppler (federation)
Geography supported
Global (AWS regions)
Best fit
Any employees · AWS-anchored estates of any size
Editorial deep-dive

Read our full ranking of Secrets Management Software

AWS Secrets Manager ranks #4 in our editorial review of 10 secrets management software platforms. The deep-dive covers methodology, comparison tables, decision matrix, migration scoring, and FAQs.

Read the full ranking

Closest alternatives in Secrets Management Software

#3
1Password Secrets Automation
Secrets automation on top of the broader 1Password Business platform.
★ 4.7 partial
#5
Akeyless Vault Platform
KMS-as-a-service vault-less architecture with Distributed Fragments Cryptography.
★ 4.7 opaque
#2
Doppler
Developer-first secrets platform for cloud-native teams.
★ 4.7 partial
Help the next buyer

Contribute your verified deal price

Pricing in B2B software is opaque because vendors want it that way. Verified buyer prices fix that, anonymously. Share what you actually paid for AWS Secrets Manager; we’ll add it to the verified pricing dataset on this page (with company size band only, no identifying details).

Submit anonymously