GetRandomPassword
Generates a random password. We recommend that you specify the maximum length and include every character type that the system you are generating a password for can support.
Request Syntax
{
"ExcludeCharacters": "string",
"ExcludeLowercase": boolean,
"ExcludeNumbers": boolean,
"ExcludePunctuation": boolean,
"ExcludeUppercase": boolean,
"IncludeSpace": boolean,
"PasswordLength": number,
"RequireEachIncludedType": boolean
}Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- ExcludeCharacters
-
A string of the characters that you don't want in the password.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 4096.
Required: No
- ExcludeLowercase
-
Set to true to exclude lowercase letters from the password. If you don't include this switch, the password can contain lowercase letters.
Type: Boolean
Required: No
- ExcludeNumbers
-
Set to true to exclude numbers from the password. If you don't include this switch, the password can contain numbers.
Type: Boolean
Required: No
- ExcludePunctuation
-
Set to true to exclude the following punctuation characters from the password:
! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~. If you don't include this switch, the password can contain punctuation.Type: Boolean
Required: No
- ExcludeUppercase
-
Set to true to exclude uppercase letters from the password. If you don't include this switch, the password can contain uppercase letters.
Type: Boolean
Required: No
- IncludeSpace
-
Set to true to exclude the space character. If you don't include this switch, the password can contain space characters.
Type: Boolean
Required: No
- PasswordLength
-
The length of the password. If you don't include this parameter, the default length is 32 characters.
Type: Long
Valid Range: Minimum value of 1. Maximum value of 4096.
Required: No
- RequireEachIncludedType
-
Set to true to include at least one of every allowed character type. If you don't include this switch, the password contains at least one of every character type.
Type: Boolean
Required: No
Response Syntax
{
"RandomPassword": "string"
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- RandomPassword
-
A string with the password.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 4096.
Errors
For information about the errors that are common to all actions, see Common Errors.
- InternalServiceError
-
An error occurred on the server side.
HTTP Status Code: 500
- InvalidParameterException
-
The parameter name is invalid value.
HTTP Status Code: 400
- InvalidRequestException
-
A parameter value is not valid for the current state of the resource.
Possible causes:
-
The secret is scheduled for deletion.
-
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
HTTP Status Code: 400
-
Examples
Example
The following example shows how to request a randomly generated password. This example includes the optional flags to require spaces and at least one character of each included type. It specifies a length of 20 characters.
Sample Request
POST / HTTP/1.1
Host: secretsmanager.region.domain
Accept-Encoding: identity
X-Amz-Target: secretsmanager.GetRandomPassword
Content-Type: application/x-amz-json-1.1
User-Agent: <user-agent-string>
X-Amz-Date: <date>
Authorization: AWS4-HMAC-SHA256 Credential=<credentials>,SignedHeaders=<headers>, Signature=<signature>
Content-Length: <payload-size-bytes>
{
"PasswordLength": 20,
"IncludeSpace": true,
"RequireEachIncludedType": true
}Sample Response
HTTP/1.1 200 OK
Date: <date>
Content-Type: application/x-amz-json-1.1
Content-Length: <response-size-bytes>
Connection: keep-alive
x-amzn-RequestId: <request-id-guid>
{
"RandomPassword":"N+Z43a,>vx7j O8^*<8i3"
}
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
