Menu
AWS Secrets Manager API Reference
AWS Secrets Manager API Reference Guide (API Version 2017-10-17)

ListSecretVersionIds

Lists all of the versions attached to the specified secret. The output does not include the SecretString or SecretBinary fields. By default, the list includes only versions that have at least one staging label in VersionStage attached.

Note

Always check the NextToken response parameter when calling any of the List* operations. These operations can occasionally return an empty or shorter than expected list of results even when there are more results available. When this happens, the NextToken response parameter contains a value to pass to the next call to the same API to request the next part of the list.

Minimum permissions

To run this command, you must have the following permissions:

  • secretsmanager:ListSecretVersionIds

Related operations

Request Syntax

{ "IncludeDeprecated": boolean, "MaxResults": number, "NextToken": "string", "SecretId": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

IncludeDeprecated

(Optional) Specifies that you want the results to include versions that do not have any staging labels attached to them. Such versions are considered deprecated and are subject to deletion by Secrets Manager as needed.

Type: Boolean

Required: No

MaxResults

(Optional) Limits the number of results that you want to include in the response. If you don't include this parameter, it defaults to a value that's specific to the operation. If additional items exist beyond the maximum you specify, the NextToken response element is present and has a value (isn't null). Include that value as the NextToken request parameter in the next call to the operation to get the next part of the results. Note that Secrets Manager might return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

Type: Integer

Valid Range: Minimum value of 1. Maximum value of 100.

Required: No

NextToken

(Optional) Use this parameter in a request if you receive a NextToken response in a previous request that indicates that there's more output available. In a subsequent call, set it to the value of the previous call's NextToken response to indicate where the output should continue from.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 4096.

Required: No

SecretId

The identifier for the secret containing the versions you want to list. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 2048.

Required: Yes

Response Syntax

{ "ARN": "string", "Name": "string", "NextToken": "string", "Versions": [ { "CreatedDate": number, "LastAccessedDate": number, "VersionId": "string", "VersionStages": [ "string" ] } ] }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

ARN

The Amazon Resource Name (ARN) for the secret.

Note

Secrets Manager automatically adds several random characters to the name at the end of the ARN when you initially create a secret. This affects only the ARN and not the actual friendly name. This ensures that if you create a new secret with the same name as an old secret that you previously deleted, then users with access to the old secret don't automatically get access to the new secret because the ARNs are different.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Name

The friendly name of the secret.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 256.

NextToken

If present in the response, this value indicates that there's more output available than what's included in the current response. This can occur even when the response includes no values at all, such as when you ask for a filtered view of a very long list. Use this value in the NextToken request parameter in a subsequent call to the operation to continue processing and get the next part of the output. You should repeat this until the NextToken response element comes back empty (as null).

Type: String

Length Constraints: Minimum length of 1. Maximum length of 4096.

Versions

The list of the currently available versions of the specified secret.

Type: Array of SecretVersionsListEntry objects

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalServiceError

An error occurred on the server side.

HTTP Status Code: 500

InvalidNextTokenException

You provided an invalid NextToken value.

HTTP Status Code: 400

ResourceNotFoundException

We can't find the resource that you asked for.

HTTP Status Code: 400

Example

The following example shows how to retrieve a list of all of the versions of a secret, including those without any staging labels. The JSON request string input and response output are shown formatted with white space and line breaks for better readability. Submit your input as a single line JSON string.

Sample Request

POST / HTTP/1.1 Host: secretsmanager.region.domain Accept-Encoding: identity X-Amz-Target: secretsmanager.ListSecretVersionIds Content-Type: application/x-amz-json-1.1 User-Agent: <user-agent-string> X-Amz-Date: <date> Authorization: AWS4-HMAC-SHA256 Credential=<credentials>,SignedHeaders=<headers>, Signature=<signature> Content-Length: <payload-size-bytes> { "SecretId": "MyTestDatabaseSecret", "IncludeDeprecated": true }

Sample Response

HTTP/1.1 200 OK Date: <date> Content-Type: application/x-amz-json-1.1 Content-Length: <response-size-bytes> Connection: keep-alive x-amzn-RequestId: <request-id-guid> { "ARN":"arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-a1b2c3", "Name":"MyTestDatabaseSecret", "Versions":[ { "CreatedDate":1.523477145713E9, "VersionId":"EXAMPLE1-90ab-cdef-fedc-ba987SECRET1", "VersionStages":["AWSPREVIOUS"] }, { "CreatedDate":1.523486221391E9, "VersionId":"EXAMPLE2-90ab-cdef-fedc-ba987SECRET2", "VersionStages":["AWSCURRENT"] }, { "CreatedDate": 1.51197446236E9, "VersionId": "EXAMPLE3-90ab-cdef-fedc-ba987SECRET3" } ] }

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: