Secrets are passwords, API keys and other sensitive information an application running in the cloud may need to operate. Cloud security is extremely important as the cost of a breach can risk severe financial and reputation damage. Cloud providers offer secrets management tools like AWS Secrets Manager or Google Cloud KMS which are secure locations to store sensitive information like passwords. Instead of storing passwords in source code or in the application environment, applications ask Secrets Manager/Cloud KMS for the password, and then if authorized, AWS/Google will send the correct information back. By splitting up this process of accessing and storing secrets, cloud applications become more secure.
What do we mean by this?