Since Adobe runs our AEM environment in AWS, we would like Adobe to make use of the AWS security features for my company. Here’s the specifics:
We want to use AWS STS to manage access to the companies Cognito service in AWS to get access to a JWT. This is instead of using CryptoSupport.
We would like to make use of AWS Secrets Manager and/or AWS Parameter Store to protect sensitive data. We would like to use a Customer Managed Key provided by the customer for Secrets Manager and Parameter Store.
Our objective is to not allow developer or Adobe support personnel from seeing any sensitive items like a password, api key, access credentials. Since AWS has services that meet our needs, we would like Adobe to expose those services to us through the AEM authoring / administrative tools.