How AWS Glue DataBrew uses AWS Secrets Manager - AWS Secrets Manager
Services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the AWS European Sovereign Cloud Region, see the AWS European Sovereign Cloud User Guide.

How AWS Glue DataBrew uses AWS Secrets Manager

AWS Glue DataBrew is a visual data preparation tool that you can use to clean and normalize data without writing any code. In DataBrew, a set of data transformation steps is called a recipe. AWS Glue DataBrew provides the DETERMINISTIC_DECRYPT, DETERMINISTIC_ENCRYPT, and CRYPTOGRAPHIC_HASH recipe steps to perform transformations on personally identifiable information (PII) in a dataset, which use an encryption key stored in a Secrets Manager secret. If you use the DataBrew default secret to store the encryption key, DataBrew creates a managed secret with the prefix databrew. The cost of storing the secret is included with the charge for using DataBrew. If you create a new secret to store the encryption key, DataBrew creates a secret with the prefix AwsGlueDataBrew. You are charged for that secret.