AWS Secrets Manager

AWS Secrets Manager

Flowoid allows you to automate repetitive tasks in AWS Secrets Manager. Connect AWS Secrets Manager with over 300 integrations and unlock its potential. No coding skills required.

Triggers

AWS Secrets Manager

New Secret

Lists all of the secrets that are stored by Secrets Manager in the AWS account. To list the versions currently stored for a specific secret, use ListSecretVersionIds. The encrypted fields SecretString and SecretBinary are not included in the output. To get that information, call the GetSecretValue operation. Always check the NextToken response parameter when calling any of the List\* operations. These operations can occasionally return an empty or shorter than expected list of results even when...
AWS Secrets Manager

New Secret Version Id

Lists all of the versions attached to the specified secret. The output does not include the SecretString or SecretBinary fields. By default, the list includes only versions that have at least one staging label in VersionStage attached. Always check the NextToken response parameter when calling any of the List\* operations. These operations can occasionally return an empty or shorter than expected list of results even when there more results become available. When this happens, the NextToken res...
AWS Secrets Manager

Validate Resource Policy

Validates the JSON text of the resource-based policy document attached to the specified secret. The JSON request string input and response output displays formatted code with white space and line breaks for better readability. Submit your input as a single line JSON string. A resource-based policy is optional.

Actions

AWS Secrets Manager

Cancel Rotate Secret

Disables automatic scheduled rotation and cancels the rotation of a secret if currently in progress. To re-enable scheduled rotation, call RotateSecret with AutomaticallyRotateAfterDays set to a value greater than 0. This immediately rotates your secret and then enables the automatic schedule. If you cancel a rotation while in progress, it can leave the VersionStage labels in an unexpected state. Depending on the step of the rotation in progress, you might need to remove the staging label AWSPE...
AWS Secrets Manager

Create Secret

Creates a new secret. A secret in Secrets Manager consists of both the protected secret data and the important information needed to manage the secret. Secrets Manager stores the encrypted secret data in one of a collection of "versions" associated with the secret. Each version contains a copy of the encrypted secret data. Each version is associated with one or more "staging labels" that identify where the version is in the rotation cycle. The SecretVersionsToStages field of the secret contains...
AWS Secrets Manager

Delete Resource Policy

Deletes the resource-based permission policy attached to the secret. Minimum permissions To run this command, you must have the following permissions: secretsmanager:DeleteResourcePolicy Related operations To attach a resource policy to a secret, use PutResourcePolicy. To retrieve the current resource-based policy that's attached to a secret, use GetResourcePolicy. To list all of the currently available secrets, use ListSecrets.
AWS Secrets Manager

Delete Secret

Deletes an entire secret and all of its versions. You can optionally include a recovery window during which you can restore the secret. If you don't specify a recovery window value, the operation defaults to 30 days. Secrets Manager attaches a DeletionDate stamp to the secret that specifies the end of the recovery window. At the end of the recovery window, Secrets Manager deletes the secret permanently. At any time before recovery window ends, you can use RestoreSecret to remove the DeletionDate...
AWS Secrets Manager

Describe Secret

Retrieves the details of a secret. It does not include the encrypted fields. Secrets Manager only returns fields populated with a value in the response. Minimum permissions To run this command, you must have the following permissions: secretsmanager:DescribeSecret Related operations To create a secret, use CreateSecret. To modify a secret, use UpdateSecret. To retrieve the encrypted secret information in a version of the secret, use GetSecretValue. To list all of the secrets in...
AWS Secrets Manager

Get Random Password

Generates a random password of the specified complexity. This operation is intended for use in the Lambda rotation function. Per best practice, we recommend that you specify the maximum length and include every character type that the system you are generating a password for can support. Minimum permissions To run this command, you must have the following permissions: secretsmanager:GetRandomPassword
AWS Secrets Manager

Get Resource Policy

Retrieves the JSON text of the resource-based policy document attached to the specified secret. The JSON request string input and response output displays formatted code with white space and line breaks for better readability. Submit your input as a single line JSON string. Minimum permissions To run this command, you must have the following permissions: secretsmanager:GetResourcePolicy Related operations To attach a resource policy to a secret, use PutResourcePolicy. To delete the r...
AWS Secrets Manager

Get Secret Value

Retrieves the contents of the encrypted fields SecretString or SecretBinary from the specified version of a secret, whichever contains content. Minimum permissions To run this command, you must have the following permissions: secretsmanager:GetSecretValue kms:Decrypt - required only if you use a customer-managed AWS KMS key to encrypt the secret. You do not need this permission to use the account's default AWS managed CMK for Secrets Manager. Related operations To create a new versio...
AWS Secrets Manager

List Secret Version Ids

Lists all of the versions attached to the specified secret. The output does not include the SecretString or SecretBinary fields. By default, the list includes only versions that have at least one staging label in VersionStage attached. Always check the NextToken response parameter when calling any of the List\* operations. These operations can occasionally return an empty or shorter than expected list of results even when there more results become available. When this happens, the NextToken res...
AWS Secrets Manager

List Secrets

Lists all of the secrets that are stored by Secrets Manager in the AWS account. To list the versions currently stored for a specific secret, use ListSecretVersionIds. The encrypted fields SecretString and SecretBinary are not included in the output. To get that information, call the GetSecretValue operation. Always check the NextToken response parameter when calling any of the List\* operations. These operations can occasionally return an empty or shorter than expected list of results even when...
AWS Secrets Manager

Put Resource Policy

Attaches the contents of the specified resource-based permission policy to a secret. A resource-based policy is optional. Alternatively, you can use IAM identity-based policies that specify the secret's Amazon Resource Name (ARN) in the policy statement's Resources element. You can also use a combination of both identity-based and resource-based policies. The affected users and roles receive the permissions that are permitted by all of the relevant policies. For more information, see Using Resou...
AWS Secrets Manager

Put Secret Value

Stores a new encrypted secret value in the specified secret. To do this, the operation creates a new version and attaches it to the secret. The version can contain a new SecretString value or a new SecretBinary value. You can also specify the staging labels that are initially attached to the new version. The Secrets Manager console uses only the SecretString field. To add binary data to a secret with the SecretBinary field you must use the AWS CLI or one of the AWS SDKs. If this operation cr...
AWS Secrets Manager

Restore Secret

Cancels the scheduled deletion of a secret by removing the DeletedDate time stamp. This makes the secret accessible to query once again. Minimum permissions To run this command, you must have the following permissions: secretsmanager:RestoreSecret Related operations To delete a secret, use DeleteSecret.
AWS Secrets Manager

Rotate Secret

Configures and starts the asynchronous process of rotating this secret. If you include the configuration parameters, the operation sets those values for the secret and then immediately starts a rotation. If you do not include the configuration parameters, the operation starts a rotation with the values already stored in the secret. After the rotation completes, the protected service and its clients all use the new version of the secret. This required configuration information includes the ARN o...
AWS Secrets Manager

Tag Resource

Attaches one or more tags, each consisting of a key name and a value, to the specified secret. Tags are part of the secret's overall metadata, and are not associated with any specific version of the secret. This operation only appends tags to the existing list of tags. To remove tags, you must use UntagResource. The following basic restrictions apply to tags: Maximum number of tags per secret—50 Maximum key length—127 Unicode characters in UTF-8 Maximum value length—255 Unicode characters...
AWS Secrets Manager

Untag Resource

Removes one or more tags from the specified secret. This operation is idempotent. If a requested tag is not attached to the secret, no error is returned and the secret metadata is unchanged. If you use tags as part of your security strategy, then removing a tag can change permissions. If successfully completing this operation would result in you losing your permissions for this secret, then the operation is blocked and returns an Access Denied error. Minimum permissions To run this command,...
AWS Secrets Manager

Update Secret

Modifies many of the details of the specified secret. If you include a ClientRequestToken and either SecretString or SecretBinary then it also creates a new version attached to the secret. To modify the rotation configuration of a secret, use RotateSecret instead. The Secrets Manager console uses only the SecretString parameter and therefore limits you to encrypting and storing only a text string. To encrypt and store binary data as part of the version of a secret, you must use either the AWS C...
AWS Secrets Manager

Update Secret Version Stage

Modifies the staging labels attached to a version of a secret. Staging labels are used to track a version as it progresses through the secret rotation process. You can attach a staging label to only one version of a secret at a time. If a staging label to be added is already attached to another version, then it is moved--removed from the other version first and then attached to this one. For more information about staging labels, see Staging Labels in the AWS Secrets Manager User Guide. The sta...
AWS Secrets Manager

Validate Resource Policy

Validates the JSON text of the resource-based policy document attached to the specified secret. The JSON request string input and response output displays formatted code with white space and line breaks for better readability. Submit your input as a single line JSON string. A resource-based policy is optional.