UpdateSecretRotationPolicy - Key Management Service - Alibaba Cloud Documentation Center

Updates the rotation policy of a secret.

After automatic rotation is enabled, Secrets Manager schedules the first automatic rotation by adding the preset rotation interval to the timestamp of the last rotation.

Limits: The UpdateSecretRotationPolicy operation cannot be used to update the rotation policy of generic secrets.

In this example, the rotation policy of the RdsSecret/Mysql5.4/MyCred secret is updated. The following settings are modified:

The EnableAutomaticRotation parameter is set to true, which indicates that automatic rotation is enabled.
The RotationInterval parameter is set to 30d, which indicates that the interval for automatic rotation is 30 days.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters


Parameter	Type	Required	Example	Description
Action	String	Yes	UpdateSecretRotationPolicy	The operation that you want to perform. Set the value to UpdateSecretRotationPolicy.
SecretName	String	Yes	RdsSecret/Mysql5.4/MyCred	The name of the secret.
EnableAutomaticRotation	Boolean	Yes	true	Specifies whether to enable automatic rotation. Valid values: true: enables automatic rotation. false: does not enable automatic rotation. This is the default value.
RotationInterval	String	No	30d	The interval for automatic rotation. Valid values: 6 hours to 8,760 hours (365 days). The value is in the `integer[unit]` format. The unit can be d (day), h (hour), m (minute), or s (second). For example, both 7d and 604800s indicate a seven-day interval. Note This parameter is required if you set the EnableAutomaticRotation parameter to true. This parameter is ignored if you set the EnableAutomaticRotation parameter to false or do not specify the EnableAutomaticRotation parameter.

For more information about common request parameters, see Common parameters.

Response parameters


Parameter	Type	Example	Description
SecretName	String	RdsSecret/Mysql5.4/MyCred	The name of the secret.
RequestId	String	2c124f6f-4210-499f-b88a-69f54004d2d8	The ID of the request, which is used to locate and troubleshoot issues.

Examples

Sample requests

http(s)://[Endpoint]/?Action=UpdateSecretRotationPolicy
&SecretName=RdsSecret/Mysql5.4/MyCred
&EnableAutomaticRotation=true
&RotationInterval=30d
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<UpdateSecretRotationPolicyResponse>
    <SecretName>RdsSecret/Mysql5.4/MyCred</SecretName>
    <RequestId>2c124f6f-4210-499f-b88a-69f54004d2d8</RequestId>
</UpdateSecretRotationPolicyResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "SecretName" : "RdsSecret/Mysql5.4/MyCred",
  "RequestId" : "2c124f6f-4210-499f-b88a-69f54004d2d8"
}

Error codes

For a list of error codes, visit the API Error Center.