The lure to keep connection string to the database in source code is one of the common mistakes.
Keep secrets in source code even if sensitive data is encrypted that is a well-known antipattern.
It can lead to issues like data breach by a malicious actor, losing or corrupting data by a non-authorised engineer with lack of knowledge.
Passwords, tokens, keys, connection strings, and other sensitive information which are used by applications should be treated as secrets.
There are several tools for AWS cloud that allows managing secrets for microservice oriented solutions.