ReplicateSecretToRegions
Replicates the secret to a new Regions. See Multi-Region secrets.
Required permissions:
secretsmanager:ReplicateSecretToRegions
.
For more information, see
IAM policy actions for Secrets Manager and Authentication
and access control in Secrets Manager.
Request Syntax
{
"AddReplicaRegions": [
{
"KmsKeyId": "string
",
"Region": "string
"
}
],
"ForceOverwriteReplicaSecret": boolean
,
"SecretId": "string
"
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- AddReplicaRegions
-
A list of Regions in which to replicate the secret.
Type: Array of ReplicaRegionType objects
Array Members: Minimum number of 1 item.
Required: Yes
- ForceOverwriteReplicaSecret
-
Specifies whether to overwrite a secret with the same name in the destination Region.
Type: Boolean
Required: No
- SecretId
-
The ARN or name of the secret to replicate.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 2048.
Required: Yes
Response Syntax
{
"ARN": "string",
"ReplicationStatus": [
{
"KmsKeyId": "string",
"LastAccessedDate": number,
"Region": "string",
"Status": "string",
"StatusMessage": "string"
}
]
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- ARN
-
The ARN of the primary secret.
Type: String
Length Constraints: Minimum length of 20. Maximum length of 2048.
- ReplicationStatus
-
The status of replication.
Type: Array of ReplicationStatusType objects
Errors
For information about the errors that are common to all actions, see Common Errors.
- InternalServiceError
-
An error occurred on the server side.
HTTP Status Code: 500
- InvalidParameterException
-
The parameter name or value is invalid.
HTTP Status Code: 400
- InvalidRequestException
-
A parameter value is not valid for the current state of the resource.
Possible causes:
-
The secret is scheduled for deletion.
-
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
HTTP Status Code: 400
-
- ResourceNotFoundException
-
Secrets Manager can't find the resource that you asked for.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: