Saved February 14, 2026
Do you care about this?
AWS Secrets Manager now offers managed external secrets for third-party software credentials, simplifying their management and rotation. This feature standardizes formats and automates processes, reducing operational overhead for organizations that use multiple external services. Users can create and manage these secrets directly in Secrets Manager.
If you do, here's more
AWS Secrets Manager has launched a feature called managed external secrets, designed to simplify how organizations manage third-party credentials. Traditionally, managing these credentials has been complex due to varying security approaches for each provider. Organizations often had to include extra metadata within secret values, leading to cumbersome updates and manual rotation processes. Managed external secrets aims to address these challenges by providing a standardized format and automated rotation for secrets from third-party applications like Salesforce, Snowflake, and BigID.
With managed external secrets, users can store third-party secrets in predefined formats developed with integration partners. This eliminates the need to create custom strategies for storage and management. The feature also automates secret rotation by integrating directly with the software providers, allowing organizations to reduce operational overhead and maintain security controls. Managed external secrets supports fine-grained permissions via AWS Identity and Access Management (IAM), monitoring through Amazon CloudWatch and AWS CloudTrail, and threat detection with Amazon GuardDuty. There's no extra cost for this new secret type under Secrets Manager's existing pricing model.
To create a managed external secret, an AWS account with the right permissions is required, including access to the AWS Management Console or programmatic access through the AWS Command Line Interface (CLI). The integration currently supports three partners and will expand over time. Users can select a third-party provider, input necessary credentials, and configure details like encryption options. The process includes specifying metadata for rotation and permissions, ensuring a centralized approach to managing both AWS and third-party secrets.