ListSecretVersionIds - AWS Secrets Manager

ListSecretVersionIds

Lists the versions for a secret.

To list the secrets in the account, use ListSecrets .

To get the secret value from SecretString or SecretBinary, call GetSecretValue .

Minimum permissions

To run this command, you must have secretsmanager:ListSecretVersionIds permissions.

Request Syntax

{ "IncludeDeprecated": boolean, "MaxResults": number, "NextToken": "string", "SecretId": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

IncludeDeprecated

Specifies whether to include versions of secrets that don't have any staging labels attached to them. Versions without staging labels are considered deprecated and are subject to deletion by Secrets Manager.

Type: Boolean

Required: No

MaxResults

The number of results to include in the response.

If there are more results available, in the response, Secrets Manager includes NextToken. To get the next results, call ListSecretVersionIds again with the value from NextToken.

Type: Integer

Valid Range: Minimum value of 1. Maximum value of 100.

Required: No

NextToken

A token that indicates where the output should continue from, if a previous call did not show all results. To get the next results, call ListSecretVersionIds again with this value.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 4096.

Required: No

SecretId

The ARN or name of the secret whose versions you want to list.

For an ARN, we recommend that you specify a complete ARN rather than a partial ARN.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 2048.

Required: Yes

Response Syntax

{ "ARN": "string", "Name": "string", "NextToken": "string", "Versions": [ { "CreatedDate": number, "KmsKeyIds": [ "string" ], "LastAccessedDate": number, "VersionId": "string", "VersionStages": [ "string" ] } ] }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

ARN

The ARN of the secret.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Name

The name of the secret.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 256.

NextToken

Secrets Manager includes this value if there's more output available than what is included in the current response. This can occur even when the response includes no values at all, such as when you ask for a filtered view of a long list. To get the next results, call ListSecretVersionIds again with this value.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 4096.

Versions

A list of the versions of the secret.

Type: Array of SecretVersionsListEntry objects

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalServiceError

An error occurred on the server side.

HTTP Status Code: 500

InvalidNextTokenException

The NextToken value is invalid.

HTTP Status Code: 400

InvalidParameterException

The parameter name is invalid value.

HTTP Status Code: 400

ResourceNotFoundException

Secrets Manager can't find the resource that you asked for.

HTTP Status Code: 400

Examples

Example

The following example shows how to retrieve a list of the versions of a secret, including versions which have no staging labels attached. The JSON request string input and response output displays formatted code with white space and line breaks for better readability. Submit your input as a single line JSON string.

Sample Request

POST / HTTP/1.1 Host: secretsmanager.region.domain Accept-Encoding: identity X-Amz-Target: secretsmanager.ListSecretVersionIds Content-Type: application/x-amz-json-1.1 User-Agent: <user-agent-string> X-Amz-Date: <date> Authorization: AWS4-HMAC-SHA256 Credential=<credentials>,SignedHeaders=<headers>, Signature=<signature> Content-Length: <payload-size-bytes> { "SecretId": "MyTestDatabaseSecret", "IncludeDeprecated": true }

Sample Response

HTTP/1.1 200 OK Date: <date> Content-Type: application/x-amz-json-1.1 Content-Length: <response-size-bytes> Connection: keep-alive x-amzn-RequestId: <request-id-guid> { "ARN":"arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-a1b2c3", "Name":"MyTestDatabaseSecret", "Versions":[ { "CreatedDate":1.523477145713E9, "VersionId":"EXAMPLE1-90ab-cdef-fedc-ba987SECRET1", "VersionStages":["AWSPREVIOUS"] }, { "CreatedDate":1.523486221391E9, "VersionId":"EXAMPLE2-90ab-cdef-fedc-ba987SECRET2", "VersionStages":["AWSCURRENT"] }, { "CreatedDate": 1.51197446236E9, "VersionId": "EXAMPLE3-90ab-cdef-fedc-ba987SECRET3" } ] }

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: