AWS Secrets Manager
Integration with AWS Secrets Manager.
Actions
AWS Secrets Manager Connect
Connect to a AWS regional Secrets Manager service.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
Access Key | IAM user access key for programmatic access. | password-input | True | True |
Secret Access Key | IAM user secret access key for programmatic access. | password-input | True | True |
region | Selected region to use when connecting to the lambda service. | dropdown | True | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}} |
AWS Secrets Manager Disconnect
Disconnect from the connected AWS Secrets Manager service.
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}} |
AWS Secrets Manager List Secrets
Lists secrets found within the AWS secrets manager service.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
max Results | Number of results per page. | input | False | False |
Filter | when provided will filter the results as per the provided filter value. | json-input | False | True |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}} |
secrets | List of secrets found. | json | True | {} |
AWS Secrets Manager Get Secret
Returns a secret's key/values.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
Secret ID | The name or ARN of the secret you want to retrieve. | input | True | True |
Plaintext | When true the value will be returned in plaintext. | checkbox | True | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}} |
secret | Key/Value secret data. | json | True | {} |
AWS Secrets Manager Get Secret Value
Returns a given secret value in encrypted or plaintext format.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
Secret ID | The name or ARN of the secret you want to retrieve. | input | True | True |
Secret Key | Key of the value you want to retrieve. | input | True | True |
Plaintext | When true the value will be returned in plaintext. | checkbox | True | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}} |
secret | Secret value. | string | True | {} |
AWS Secrets Manager Describe Secret
Get detailed information about a secret but without retrieving the secret data
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
Secret ID | The name or ARN of the secret you want to retrieve. | input | True | True |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}} |
secret | Secret Data. | string | True | {} |
AWS Secrets Manager Rotate Secret
Request AWS to rotate the given secrets value.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
Secret ID | The name or ARN of the secret you want to retrieve. | input | True | True |
Lambda Rotation Function ARN | The ARN of the Lambda rotation function that can rotate the secret. | input | True | True |
Rotation Rules | A structure that defines the rotation configuration for this secret. Refer to boto3 documentation on how to define this. | json-input | False | True |
Rotate Immediately | Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. The rotation schedule is defined in RotateSecretRequest$RotationRules . | checkbox | True | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}} |
response | Response from the AWS API. | json | True | {} |
AWS Secrets Manager Create Secret
Create a new AWS secret within AWS Secrets Manager.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
Secret Name | Name of the new secret being created. | input | True | True |
Description | Description the new secret being created. | input | False | True |
KMS Key ID | KMS key to use when storing the new secret. | input | False | True |
Secret Key/Value | Secret data in the format of key/value. | json-input | True | True |
Tags | AWS tags to apply to the secret being created. | json-input | False | True |
Replica Regions | A list of Regions and KMS keys to replicate secrets. | json-input | False | True |
Force over-write Replica Secret | Specifies whether to overwrite a secret with the same name in the destination Region. | checkbox | False | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}} |
secret | Returns the response data of the new secret created. | json | True | {} |
AWS Secrets Manager Update Secret
Updates the key/value secret data within an AWS secret.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
Secret ID | The name or ARN of the secret you want to retrieve. | input | True | True |
Description | when provided the description will also be updated. | input | False | True |
KMS Key ID | when provided the KMS key will also be updated. | input | False | True |
Secret Key/Value | Secret data in the format of key/value. | json-input | True | True |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}} |
secret | Returns the response from the AWS secret manager service. | json | True | {} |
AWS Secrets Manager Delete Secret
Deletes a secret from AWS Secrets Manager.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
Secret ID | The name or ARN of the secret you want to retrieve. | input | True | True |
Recovery Window ( days ) | Number of days after deletion that a secret can be recovered. | input | False | False |
Force Delete Without Recovery | When True the secret will be deleted and it will not be possible to restore it. | checkbox | False | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}} |
secret | Returns the response from the AWS secret manager service. | json | True | {} |
AWS Secrets Manager Generate Password
Generates a random password using the AWS Secrets Manager password generator function.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
Length | The length of the password. If you don't include this parameter, the default length is 32 characters. | input | True | False |
Exclude Characters | A string of the characters that you don't want in the password. | input | False | False |
Exclude Numbers | Specifies whether to exclude numbers from the password. If you don't include this switch, the password can contain numbers. | checkbox | False | False |
Exclude Punctuation | Specifies whether to exclude the following punctuation characters from the password: ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~ . | checkbox | False |
Exclude Uppercase | Specifies whether to exclude uppercase letters from the password. If you don't include this switch, the password can contain uppercase letters. | checkbox | False | False |
Exclude Lowercase | Specifies whether to exclude lowercase letters from the password. If you don't include this switch, the password can contain lowercase letters. | checkbox | False | False |
Include Space | Specifies whether to include the space character. If you include this switch, the password can contain space characters. | checkbox | False | False |
Require Each_ Included Type | Specifies whether to include at least one upper and lowercase letter, one number, and one punctuation. If you don't include this switch, the password contains at least one of every character type. | checkbox | False | False |
Plaintext | When True the generated password will be returned in plaintext. | checkbox | False | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}} |
password | The password that was generated. | string | True | {} |
AWS Secrets Manager Create Tags
Creates tags on the defined secret.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
Secret ID | The name or ARN of the secret you want to retrieve. | input | True | True |
Tags | Tags to create | json-input | False | True |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}} |
AWS Secrets Manager Delete Tags
Deletes the defined list of tags from a secret.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
Secret ID | The name or ARN of the secret you want to retrieve. | input | True | True |
Tag Keys | A list of keys that should be removed from the tags of the given secret. | json-input | False | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}, "500": {"description": "No existing AWS Secrets Manager connection found, ensure the flow has first run a AWS Secrets Manager Connect before this action."}} |