Access AWS Secrets Manager - AWS Secrets Manager

Access AWS Secrets Manager

You can work with Secrets Manager in any of the following ways:

Secrets Manager console

You can manage your secrets using the browser-based Secrets Manager console and perform almost any task related to your secrets by using the console.

Command line tools

The AWS command line tools allows you to issue commands at your system command line to perform Secrets Manager and other AWS tasks. This can be faster and more convenient than using the console. The command line tools can be useful if you want to build scripts to perform AWS tasks.

When you enter commands in a command shell, there is a risk of the command history being accessed or utilities having access to your command parameters. See Mitigate the risks of using the AWS CLI to store your AWS Secrets Manager secrets.

AWS provides two sets of command line tools:

AWS SDKs

The AWS SDKs consist of libraries and sample code for various programming languages and platforms, for example, Java, Python, Ruby, .NET, and others. The SDKs include tasks such as cryptographically signing requests, managing errors, and retrying requests automatically. For more information, see AWS SDKs.

To download and install any of the SDKs, see Tools for Amazon Web Services.

For SDK documentation, see:

HTTPS Query API

The HTTPS Query API gives you programmatic access to Secrets Manager and AWS. The HTTPS Query API allows you to issue HTTPS requests directly to the service.

Although you can make direct calls to the Secrets Manager HTTPS Query API, we recommend that you use one of the SDKs instead. The SDK performs many useful tasks you otherwise must perform manually. For example, the SDKs automatically sign your requests and convert responses into a structure syntactically appropriate to your language.

To make HTTPS calls to Secrets Manager, you connect to a Secrets Manager endpoint.

Secrets Manager endpoints

To connect programmatically to Secrets Manager, you use an endpoint, the URL of the entry point for the service. The AWS SDKs and the AWS CLI automatically use the default endpoint for the service in an AWS Region. But you can specify an alternate endpoint for your API requests.

Secrets Manager offers endpoints that support Federal Information Processing Standard (FIPS) 140-2 in some Regions.

Region Name Region Endpoint Protocol
US East (Ohio) us-east-2

secretsmanager.us-east-2.amazonaws.com

secretsmanager-fips.us-east-2.amazonaws.com

HTTPS

HTTPS

US East (N. Virginia) us-east-1

secretsmanager.us-east-1.amazonaws.com

secretsmanager-fips.us-east-1.amazonaws.com

HTTPS

HTTPS

US West (N. California) us-west-1

secretsmanager.us-west-1.amazonaws.com

secretsmanager-fips.us-west-1.amazonaws.com

HTTPS

HTTPS

US West (Oregon) us-west-2

secretsmanager.us-west-2.amazonaws.com

secretsmanager-fips.us-west-2.amazonaws.com

HTTPS

HTTPS

Africa (Cape Town) af-south-1 secretsmanager.af-south-1.amazonaws.com HTTPS
Asia Pacific (Hong Kong) ap-east-1 secretsmanager.ap-east-1.amazonaws.com HTTPS
Asia Pacific (Hyderabad) ap-south-2 secretsmanager.ap-south-2.amazonaws.com HTTPS
Asia Pacific (Jakarta) ap-southeast-3 secretsmanager.ap-southeast-3.amazonaws.com HTTPS
Asia Pacific (Mumbai) ap-south-1 secretsmanager.ap-south-1.amazonaws.com HTTPS
Asia Pacific (Osaka) ap-northeast-3 secretsmanager.ap-northeast-3.amazonaws.com HTTPS
Asia Pacific (Seoul) ap-northeast-2 secretsmanager.ap-northeast-2.amazonaws.com HTTPS
Asia Pacific (Singapore) ap-southeast-1 secretsmanager.ap-southeast-1.amazonaws.com HTTPS
Asia Pacific (Sydney) ap-southeast-2 secretsmanager.ap-southeast-2.amazonaws.com HTTPS
Asia Pacific (Tokyo) ap-northeast-1 secretsmanager.ap-northeast-1.amazonaws.com HTTPS
Canada (Central) ca-central-1

secretsmanager.ca-central-1.amazonaws.com

secretsmanager-fips.ca-central-1.amazonaws.com

HTTPS

HTTPS

Europe (Frankfurt) eu-central-1 secretsmanager.eu-central-1.amazonaws.com HTTPS
Europe (Ireland) eu-west-1 secretsmanager.eu-west-1.amazonaws.com HTTPS
Europe (London) eu-west-2 secretsmanager.eu-west-2.amazonaws.com HTTPS
Europe (Milan) eu-south-1 secretsmanager.eu-south-1.amazonaws.com HTTPS
Europe (Paris) eu-west-3 secretsmanager.eu-west-3.amazonaws.com HTTPS
Europe (Spain) eu-south-2 secretsmanager.eu-south-2.amazonaws.com HTTPS
Europe (Stockholm) eu-north-1 secretsmanager.eu-north-1.amazonaws.com HTTPS
Europe (Zurich) eu-central-2 secretsmanager.eu-central-2.amazonaws.com HTTPS
Middle East (Bahrain) me-south-1 secretsmanager.me-south-1.amazonaws.com HTTPS
Middle East (UAE) me-central-1 secretsmanager.me-central-1.amazonaws.com HTTPS
South America (São Paulo) sa-east-1 secretsmanager.sa-east-1.amazonaws.com HTTPS
AWS GovCloud (US-East) us-gov-east-1

secretsmanager.us-gov-east-1.amazonaws.com

secretsmanager-fips.us-gov-east-1.amazonaws.com

HTTPS

HTTPS

AWS GovCloud (US-West) us-gov-west-1

secretsmanager.us-gov-west-1.amazonaws.com

secretsmanager-fips.us-gov-west-1.amazonaws.com

HTTPS

HTTPS