Manually rotates a secret.
Limits:
• A secret of each Alibaba Cloud account can be rotated for a maximum of 50 times per hour.
• The RotateSecret operation is unavailable for standard secrets.
In this example, the RdsSecret/Mysql5.4/MyCred
secret is manually rotated, and the version number of the secret is set to 000000123
after the secret is rotated.
Debugging
Request parameters
Parameter | Type | Required | Example | Description |
---|---|---|---|---|
Action | String | Yes | RotateSecret |
The operation that you want to perform. Set the value to RotateSecret. |
SecretName | String | Yes | RdsSecret/Mysql5.4/MyCred |
The name of the secret. |
VersionId | String | Yes | 000000123 |
The version number of the secret after the secret is rotated. Note The version number is used to ensure the idempotence of the request. Secrets Manager
uses this version number to prevent your application from creating the same version
of the secret when the application retries a request. If a version number already
exists, Secrets Manager ignores the request for rotation and returns a success message.
|
Response parameters
Parameter | Type | Example | Description |
---|---|---|---|
Arn | String | acs:kms:cn-hangzhou:154035569884****:secret/RdsSecret/Mysql5.4/MyCred |
The Alibaba Cloud Resource Name (ARN) of the secret. |
SecretName | String | RdsSecret/Mysql5.4/MyCred |
The name of the secret. |
VersionId | String | 000000123 |
The version number of the secret after the secret is rotated. |
RequestId | String | 10257c86-269d-43aa-aaf3-90ed4144bb7c |
The ID of the request. |
For more information about common request parameters, see Common parameters.
Examples
Sample requests
http(s)://[Endpoint]/? Action=RotateSecret
&SecretName=RdsSecret/Mysql5.4/MyCred
&VersionId=000000123
&<Common request parameters>
Sample success responses
XML
format
<KMS>
<Arn>acs:kms:cn-hangzhou:154035569884****:secret/RdsSecret/Mysql5.4/MyCred</Arn>
<SecretName>RdsSecret/Mysql5.4/MyCred</SecretName>
<VersionId>000000123</VersionId>
<RequestId>10257c86-269d-43aa-aaf3-90ed4144bb7c</RequestId>
</KMS>
JSON
format
{
"Arn": "acs:kms:cn-hangzhou:154035569884****:secret/RdsSecret/Mysql5.4/MyCred",
"SecretName": "RdsSecret/Mysql5.4/MyCred",
"VersionId": "000000123",
"RequestId": "10257c86-269d-43aa-aaf3-90ed4144bb7c"
}
Error codes
For a list of error codes, visit the API Error Center.