I recently had to store a JSON string in the AWS secrets Manager. This JSON string contains a private key, therefore it is highly susceptible to any character translations. Often, the character translation could add more slashes or replace escape sequences.

Base64 is a reliable method to avoid character translations. Instead storing the original key, I stored the base64 encoded key, and my application decode the key during the provision. I use Django. So, it is important that Django fails to start up when it is unable to decode the key, and it is easy to achieve this - do not try to catch any errors in your decoding function or method, let the error propagate up.

If you are interested in learning more about base64, read Adrin Mukherjee’s article.