Retrieve secrets from AWS Secrets Manager - AWS Secrets Manager

Retrieve secrets from AWS Secrets Manager

You can retrieve your secrets:

Secrets Manager generates a CloudTrail log entry when you retrieve a secret. For more information, see Log AWS Secrets Manager events with AWS CloudTrail.

In code

In applications, you can retrieve your secrets by calling GetSecretValue or BatchGetSecretValuein any of the AWS SDKs. For examples, see Get a secret value in the AWS SDK Code Examples Library. However, we recommend that you cache your secret values by using client-side caching. Caching secrets improves speed and reduces your costs.

Within other systems and AWS services

You can also retrieve secrets within the following:

AWS CLI

Example Retrieve the encrypted secret value of a secret

The following get-secret-value example gets the current secret value.

aws secretsmanager get-secret-value \ --secret-id MyTestSecret
Example Retrieve the previous secret value

The following get-secret-value example gets the previous secret value.

aws secretsmanager get-secret-value \ --secret-id MyTestSecret --version-stage AWSPREVIOUS

AWS console

To retrieve a secret (console)
  1. Open the Secrets Manager console at https://console.aws.amazon.com/secretsmanager/.

  2. In the list of secrets, choose the secret you want to retrieve.

  3. In the Secret value section, choose Retrieve secret value.

    Secrets Manager displays the current version (AWSCURRENT) of the secret. To see other versions of the secret, such as AWSPREVIOUS or custom labeled versions, use the AWS CLI.