AWS Secrets Manager secrets managed by other AWS services

Many AWS services store and use secrets in AWS Secrets Manager. In some cases, these secrets are managed secrets, which means that the service that created them helps manage them. For example, some managed secrets include managed rotation, so you don't have to configure rotation yourself. The managing service might also restrict you from updating secrets or deleting them without a recovery period, which helps prevent outages because the managing service depends on the secret.

Managed secrets use a naming convention that includes the managing service ID to help identify them.


Secret name: ServiceID!MySecret
Secret ARN : arn:aws:us-east-1:ServiceID!MySecret-a1b2c3

IDs for services that manage secrets

appflow – How Amazon AppFlow uses AWS Secrets Manager
databrew – How AWS Glue DataBrew uses AWS Secrets Manager
datasync – How AWS DataSync uses AWS Secrets Manager
directconnect – How AWS Direct Connect uses AWS Secrets Manager
ecs-sc – Amazon Elastic Container Service
events – How Amazon EventBridge uses AWS Secrets Manager
marketplace-deployment – AWS Marketplace
opsworks-cm – How AWS OpsWorks for Chef Automate uses AWS Secrets Manager
rds – Amazon RDS
redshift – How Amazon Redshift uses AWS Secrets Manager
sqlworkbench – Amazon Redshift query editor v2

To find secrets that are managed by other AWS services, see Find managed secrets.

For a full list of services that use secrets, see AWS services that use AWS Secrets Manager secrets.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Cancel automatic rotation

Services that use secrets