AWS Secrets Manager

Integration with AWS Secrets Manager.

Actions

AWS Secrets Manager Connect

Connect to a AWS regional Secrets Manager service.

Input

Name Description Type Required Syntax
Access Key IAM user access key for programmatic access. password-input True True
Secret Access Key IAM user secret access key for programmatic access. password-input True True
region Selected region to use when connecting to the lambda service. dropdown True False

Output

Name Description Type always_present values
result Returns True when successful. boolean True {"True": {"description": "Successful."}, "False": {"description": "Failure."}}
rc Returns the exit code for the action. number True {"0": {"description": "Successful."}}

AWS Secrets Manager Disconnect

Disconnect from the connected AWS Secrets Manager service.

Output

Name Description Type always_present values
result Returns True when successful. boolean True {"True": {"description": "Successful."}, "False": {"description": "Failure."}}
rc Returns the exit code for the action. number True {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}}

AWS Secrets Manager List Secrets

Lists secrets found within the AWS secrets manager service.

Input

Name Description Type Required Syntax
max Results Number of results per page. input False False
Filter when provided will filter the results as per the provided filter value. json-input False True

Output

Name Description Type always_present values
result Returns True when successful. boolean True {"True": {"description": "Successful."}, "False": {"description": "Failure."}}
rc Returns the exit code for the action. number True {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}}
secrets List of secrets found. json True {}

AWS Secrets Manager Get Secret

Returns a secret's key/values.

Input

Name Description Type Required Syntax
Secret ID The name or ARN of the secret you want to retrieve. input True True
Plaintext When true the value will be returned in plaintext. checkbox True False

Output

Name Description Type always_present values
result Returns True when successful. boolean True {"True": {"description": "Successful."}, "False": {"description": "Failure."}}
rc Returns the exit code for the action. number True {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}}
secret Key/Value secret data. json True {}

AWS Secrets Manager Get Secret Value

Returns a given secret value in encrypted or plaintext format.

Input

Name Description Type Required Syntax
Secret ID The name or ARN of the secret you want to retrieve. input True True
Secret Key Key of the value you want to retrieve. input True True
Plaintext When true the value will be returned in plaintext. checkbox True False

Output

Name Description Type always_present values
result Returns True when successful. boolean True {"True": {"description": "Successful."}, "False": {"description": "Failure."}}
rc Returns the exit code for the action. number True {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}}
secret Secret value. string True {}

AWS Secrets Manager Describe Secret

Get detailed information about a secret but without retrieving the secret data

Input

Name Description Type Required Syntax
Secret ID The name or ARN of the secret you want to retrieve. input True True

Output

Name Description Type always_present values
result Returns True when successful. boolean True {"True": {"description": "Successful."}, "False": {"description": "Failure."}}
rc Returns the exit code for the action. number True {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}}
secret Secret Data. string True {}

AWS Secrets Manager Rotate Secret

Request AWS to rotate the given secrets value.

Input

Name Description Type Required Syntax
Secret ID The name or ARN of the secret you want to retrieve. input True True
Lambda Rotation Function ARN The ARN of the Lambda rotation function that can rotate the secret. input True True
Rotation Rules A structure that defines the rotation configuration for this secret. Refer to boto3 documentation on how to define this. json-input False True
Rotate Immediately Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. The rotation schedule is defined in RotateSecretRequest$RotationRules . checkbox True False

Output

Name Description Type always_present values
result Returns True when successful. boolean True {"True": {"description": "Successful."}, "False": {"description": "Failure."}}
rc Returns the exit code for the action. number True {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}}
response Response from the AWS API. json True {}

AWS Secrets Manager Create Secret

Create a new AWS secret within AWS Secrets Manager.

Input

Name Description Type Required Syntax
Secret Name Name of the new secret being created. input True True
Description Description the new secret being created. input False True
KMS Key ID KMS key to use when storing the new secret. input False True
Secret Key/Value Secret data in the format of key/value. json-input True True
Tags AWS tags to apply to the secret being created. json-input False True
Replica Regions A list of Regions and KMS keys to replicate secrets. json-input False True
Force over-write Replica Secret Specifies whether to overwrite a secret with the same name in the destination Region. checkbox False False

Output

Name Description Type always_present values
result Returns True when successful. boolean True {"True": {"description": "Successful."}, "False": {"description": "Failure."}}
rc Returns the exit code for the action. number True {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}}
secret Returns the response data of the new secret created. json True {}

AWS Secrets Manager Update Secret

Updates the key/value secret data within an AWS secret.

Input

Name Description Type Required Syntax
Secret ID The name or ARN of the secret you want to retrieve. input True True
Description when provided the description will also be updated. input False True
KMS Key ID when provided the KMS key will also be updated. input False True
Secret Key/Value Secret data in the format of key/value. json-input True True

Output

Name Description Type always_present values
result Returns True when successful. boolean True {"True": {"description": "Successful."}, "False": {"description": "Failure."}}
rc Returns the exit code for the action. number True {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}}
secret Returns the response from the AWS secret manager service. json True {}

AWS Secrets Manager Delete Secret

Deletes a secret from AWS Secrets Manager.

Input

Name Description Type Required Syntax
Secret ID The name or ARN of the secret you want to retrieve. input True True
Recovery Window ( days ) Number of days after deletion that a secret can be recovered. input False False
Force Delete Without Recovery When True the secret will be deleted and it will not be possible to restore it. checkbox False False

Output

Name Description Type always_present values
result Returns True when successful. boolean True {"True": {"description": "Successful."}, "False": {"description": "Failure."}}
rc Returns the exit code for the action. number True {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}}
secret Returns the response from the AWS secret manager service. json True {}

AWS Secrets Manager Generate Password

Generates a random password using the AWS Secrets Manager password generator function.

Input

Name Description Type Required Syntax
Length The length of the password. If you don't include this parameter, the default length is 32 characters. input True False
Exclude Characters A string of the characters that you don't want in the password. input False False
Exclude Numbers Specifies whether to exclude numbers from the password. If you don't include this switch, the password can contain numbers. checkbox False False
Exclude Punctuation Specifies whether to exclude the following punctuation characters from the password: ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { } ~ . checkbox False
Exclude Uppercase Specifies whether to exclude uppercase letters from the password. If you don't include this switch, the password can contain uppercase letters. checkbox False False
Exclude Lowercase Specifies whether to exclude lowercase letters from the password. If you don't include this switch, the password can contain lowercase letters. checkbox False False
Include Space Specifies whether to include the space character. If you include this switch, the password can contain space characters. checkbox False False
Require Each_ Included Type Specifies whether to include at least one upper and lowercase letter, one number, and one punctuation. If you don't include this switch, the password contains at least one of every character type. checkbox False False
Plaintext When True the generated password will be returned in plaintext. checkbox False False

Output

Name Description Type always_present values
result Returns True when successful. boolean True {"True": {"description": "Successful."}, "False": {"description": "Failure."}}
rc Returns the exit code for the action. number True {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}}
password The password that was generated. string True {}

AWS Secrets Manager Create Tags

Creates tags on the defined secret.

Input

Name Description Type Required Syntax
Secret ID The name or ARN of the secret you want to retrieve. input True True
Tags Tags to create json-input False True

Output

Name Description Type always_present values
result Returns True when successful. boolean True {"True": {"description": "Successful."}, "False": {"description": "Failure."}}
rc Returns the exit code for the action. number True {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}}

AWS Secrets Manager Delete Tags

Deletes the defined list of tags from a secret.

Input

Name Description Type Required Syntax
Secret ID The name or ARN of the secret you want to retrieve. input True True
Tag Keys A list of keys that should be removed from the tags of the given secret. json-input False False

Output

Name Description Type always_present values
result Returns True when successful. boolean True {"True": {"description": "Successful."}, "False": {"description": "Failure."}}
rc Returns the exit code for the action. number True {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}}