List secrets
list-secrets
C:\Users\a>
C:\Users\a>aws secretsmanager list-secrets
{
"SecretList": []
}
C:\Users\a>

Create a secret (AWS CLI only)
create-secret
C:\Users\a>
C:\Users\a>aws secretsmanager create-secret --name testsecret1 --secret-string "{\"user_key\":\"user_value1\",\"password_key\":\"password_value1\"}"
{
"ARN": "arn:aws:secretsmanager:ap-northeast-1:123456789012:secret:testsecret1-Si9BGC",
"Name": "testsecret1",
"VersionId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
C:\Users\a>
Confirm in the list
C:\Users\a>
C:\Users\a>aws secretsmanager list-secrets
{
"SecretList": [
{
"ARN": "arn:aws:secretsmanager:ap-northeast-1:123456789012:secret:testsecret1-Si9BGC",
"Name": "testsecret1",
"LastChangedDate": "2025-01-03T19:27:10.091000+09:00",
"LastAccessedDate": "2025-01-03T09:00:00+09:00",
"SecretVersionsToStages": {
"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx": [
"AWSCURRENT"
]
},
"CreatedDate": "2025-01-03T19:27:10.055000+09:00"
}
]
}
C:\Users\a>

View a secret
get-secret-value
C:\Users\a>
C:\Users\a>aws secretsmanager get-secret-value --secret-id testsecret1
{
"ARN": "arn:aws:secretsmanager:ap-northeast-1:123456789012:secret:testsecret1-Si9BGC",
"Name": "testsecret1",
"VersionId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SecretString": "{\"user_key\":\"user_value1\",\"password_key\":\"password_value1\"}",
"VersionStages": [
"AWSCURRENT"
],
"CreatedDate": "2025-01-03T19:27:10.087000+09:00"
}
C:\Users\a>
Extract only the value with the jq command
C:\Users\a>
C:\Users\a>aws secretsmanager get-secret-value --secret-id testsecret1 | jq -r ".SecretString | fromjson | .user_key"
user_value1
C:\Users\a>

Update a secret
update-secret
C:\Users\a>
C:\Users\a>aws secretsmanager update-secret --secret-id testsecret1 --secret-string "{\"user_key\":\"user_value2\",\"password_key\":\"password_value2\"}"
{
"ARN": "arn:aws:secretsmanager:ap-northeast-1:123456789012:secret:testsecret1-Si9BGC",
"Name": "testsecret1",
"VersionId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
C:\Users\a>
Check by specifying the secret
C:\Users\a>
C:\Users\a>aws secretsmanager get-secret-value --secret-id testsecret1
{
"ARN": "arn:aws:secretsmanager:ap-northeast-1:123456789012:secret:testsecret1-Si9BGC",
"Name": "testsecret1",
"VersionId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SecretString": "{\"user_key\":\"user_value2\",\"password_key\":\"password_value2\"}",
"VersionStages": [
"AWSCURRENT"
],
"CreatedDate": "2025-01-03T19:28:16.942000+09:00"
}
C:\Users\a>

Create a secret (using a JSON file)
create-secret
Check the contents of the JSON file
C:\Users\a>
C:\Users\a>type C:\Users\a\Desktop\test.json
{"user_key":"user_value3","password_key":"password_value3"}
C:\Users\a>
Create the secret with the JSON file as the argument
C:\Users\a>
C:\Users\a>aws secretsmanager create-secret --name testsecret2 --secret-string file://C:\Users\a\Desktop\test.json
{
"ARN": "arn:aws:secretsmanager:ap-northeast-1:123456789012:secret:testsecret2-Khr3v0",
"Name": "testsecret2",
"VersionId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
C:\Users\a>
Confirm in the list
C:\Users\a>
C:\Users\a>aws secretsmanager list-secrets
{
"SecretList": [
{
"ARN": "arn:aws:secretsmanager:ap-northeast-1:123456789012:secret:testsecret1-Si9BGC",
"Name": "testsecret1",
"LastChangedDate": "2025-01-03T19:28:16.947000+09:00",
"LastAccessedDate": "2025-01-03T09:00:00+09:00",
"SecretVersionsToStages": {
"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx": [
"AWSPREVIOUS"
],
"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx": [
"AWSCURRENT"
]
},
"CreatedDate": "2025-01-03T19:27:10.055000+09:00"
},
{
"ARN": "arn:aws:secretsmanager:ap-northeast-1:123456789012:secret:testsecret2-Khr3v0",
"Name": "testsecret2",
"LastChangedDate": "2025-01-03T19:29:14.421000+09:00",
"SecretVersionsToStages": {
"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx": [
"AWSCURRENT"
]
},
"CreatedDate": "2025-01-03T19:29:14.391000+09:00"
}
]
}
C:\Users\a>

Check by specifying the secret
C:\Users\a>
C:\Users\a>aws secretsmanager get-secret-value --secret-id testsecret2
{
"ARN": "arn:aws:secretsmanager:ap-northeast-1:123456789012:secret:testsecret2-Khr3v0",
"Name": "testsecret2",
"VersionId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SecretString": "{\"user_key\":\"user_value3\",\"password_key\":\"password_value3\"}",
"VersionStages": [
"AWSCURRENT"
],
"CreatedDate": "2025-01-03T19:29:14.415000+09:00"
}
C:\Users\a>

Delete secrets
delete-secret
Delete secret 1
C:\Users\a>
C:\Users\a>aws secretsmanager delete-secret --secret-id testsecret1
{
"ARN": "arn:aws:secretsmanager:ap-northeast-1:123456789012:secret:testsecret1-Si9BGC",
"Name": "testsecret1",
"DeletionDate": "2025-02-02T19:29:56.412000+09:00"
}
C:\Users\a>
Confirm in the list
C:\Users\a>
C:\Users\a>aws secretsmanager list-secrets
{
"SecretList": [
{
"ARN": "arn:aws:secretsmanager:ap-northeast-1:123456789012:secret:testsecret2-Khr3v0",
"Name": "testsecret2",
"LastChangedDate": "2025-01-03T19:29:14.421000+09:00",
"LastAccessedDate": "2025-01-03T09:00:00+09:00",
"SecretVersionsToStages": {
"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx": [
"AWSCURRENT"
]
},
"CreatedDate": "2025-01-03T19:29:14.391000+09:00"
}
]
}
C:\Users\a>
Delete secret 2
C:\Users\a>
C:\Users\a>aws secretsmanager delete-secret --secret-id testsecret2
{
"ARN": "arn:aws:secretsmanager:ap-northeast-1:123456789012:secret:testsecret2-Khr3v0",
"Name": "testsecret2",
"DeletionDate": "2025-02-02T19:30:56.180000+09:00"
}
C:\Users\a>
Confirm in the list
C:\Users\a>
C:\Users\a>aws secretsmanager list-secrets
{
"SecretList": []
}
C:\Users\a>
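
The DeletionDate values above are 30 days after each delete-secret call: the secrets are only scheduled for deletion and are hidden from the default list-secrets output until then. The batch script below is an added example, not part of the original article, that shows how to see, restore and re-delete such a secret; it assumes testsecret1 from this page is currently scheduled for deletion, and the 7-day window is a value chosen for illustration.

```batch
@echo off
rem Added example (not from the original article).
rem Assumption: testsecret1 was deleted as shown above and is still inside its recovery window.
setlocal
set "SECRET_ID=testsecret1"

rem 1. The default list hides secrets scheduled for deletion.
rem    --include-planned-deletion shows them; the filter keeps entries that have a DeletedDate.
aws secretsmanager list-secrets --include-planned-deletion ^
    --query "SecretList[?DeletedDate].[Name,DeletedDate]" --output table
if errorlevel 1 exit /b 1

rem 2. describe-secret still works during the recovery window and reports DeletedDate.
aws secretsmanager describe-secret --secret-id %SECRET_ID% ^
    --query "[Name,DeletedDate]" --output text
if errorlevel 1 exit /b 1

rem 3. restore-secret cancels the scheduled deletion; the secret value becomes readable again.
aws secretsmanager restore-secret --secret-id %SECRET_ID%
if errorlevel 1 exit /b 1

rem 4. The restored secret is back in the default list.
aws secretsmanager list-secrets --query "SecretList[].Name" --output text
if errorlevel 1 exit /b 1

rem 5. Delete again with an explicit recovery window (7 to 30 days are accepted).
rem    The DeletionDate in the response reflects the chosen window.
aws secretsmanager delete-secret --secret-id %SECRET_ID% --recovery-window-in-days 7
if errorlevel 1 exit /b 1

endlocal
```

While a secret is scheduled for deletion its name stays reserved, so create-secret with the same name fails until the window expires or the secret is restored.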

Reference
secretsmanager — AWS CLI 1.36.32 Command Reference