Do you have a recommended strategy for secrets management?
A customer asked: > Do you have a recommended strategy to manage secrets along the infra and the apps in your modules/documentation or reference architecture?
We've designed our Ref Arch to be a showcase of best practices for security and secrets management. Our tooling uses AWS Secrets Manager to store sensitive information. Our modules, AWS Sample apps, and tooling all leverage Secrets Manager to securely store and retrieve this data. Our [AWS Sample App](https://github.com/gruntwork-io/aws-sample-app) demonstrates how to fetch sensitive info (the DB password, in this case) upon startup and to store that information in memory only, without persisting it to disk. Once you've received your Reference Architecture, you can certainly feel free to adopt these patterns in your own code.