SecretListEntry - AWS Secrets Manager
ContentsSee Also

SecretListEntry

A structure that contains the details about a secret. It does not include the encrypted SecretString and SecretBinary values. To get those values, use GetSecretValue .

Contents

ARN

The Amazon Resource Name (ARN) of the secret.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Required: No

CreatedDate

The date and time when a secret was created.

Type: Timestamp

Required: No

DeletedDate

The date and time the deletion of the secret occurred. Not present on active secrets. The secret can be recovered until the number of days in the recovery window has passed, as specified in the RecoveryWindowInDays parameter of the DeleteSecret operation.

Type: Timestamp

Required: No

Description

The user-provided description of the secret.

Type: String

Length Constraints: Maximum length of 2048.

Required: No

KmsKeyId

The ARN of the AWS KMS key that Secrets Manager uses to encrypt the secret value. If the secret is encrypted with the AWS managed key aws/secretsmanager, this field is omitted.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 2048.

Required: No

LastAccessedDate

The date that the secret was last accessed in the Region. This field is omitted if the secret has never been retrieved in the Region.

Type: Timestamp

Required: No

LastChangedDate

The last date and time that this secret was modified in any way.

Type: Timestamp

Required: No

LastRotatedDate

The most recent date and time that the Secrets Manager rotation process was successfully completed. This value is null if the secret hasn't ever rotated.

Type: Timestamp

Required: No

Name

The friendly name of the secret.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 256.

Required: No

NextRotationDate

The next rotation is scheduled to occur on or before this date. If the secret isn't configured for rotation or rotation has been disabled, Secrets Manager returns null.

Type: Timestamp

Required: No

OwningService

Returns the name of the service that created the secret.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Required: No

PrimaryRegion

The Region where Secrets Manager originated the secret.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: ^([a-z]+-)+\d+$

Required: No

RotationEnabled

Indicates whether automatic, scheduled rotation is enabled for this secret.

Type: Boolean

Required: No

RotationLambdaARN

The ARN of an AWS Lambda function invoked by Secrets Manager to rotate and expire the secret either automatically per the schedule or manually by a call to RotateSecret.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 2048.

Required: No

RotationRules

A structure that defines the rotation configuration for the secret.

Type: RotationRulesType object

Required: No

SecretVersionsToStages

A list of all of the currently assigned SecretVersionStage staging labels and the SecretVersionId attached to each one. Staging labels are used to keep track of the different versions during the rotation process.

Note

A version that does not have any SecretVersionStage is considered deprecated and subject to deletion. Such versions are not included in this list.

Type: String to array of strings map

Key Length Constraints: Minimum length of 32. Maximum length of 64.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Length Constraints: Minimum length of 1. Maximum length of 256.

Required: No

Tags

The list of user-defined tags associated with the secret. To add tags to a secret, use TagResource. To remove tags, use UntagResource.

Type: Array of Tag objects

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: