What security does Render offer when it comes to storing Environment Variables?

Typically, I have seen that it is best practice to store environment variables (DB passwords, API keys, etc.) in a secret manager like AWS Secrets Manager or Google Cloud Secret Manager. Is this still necessary? Or does Render offer secure methods to just use the provided environment variable storage method?