AWS Secrets Manager
User Guide

Document History for AWS Secrets Manager

The following table describes major documentation updates for AWS Secrets Manager.

  • API version: 2017-10-17

Change Description Date

Use existing Lambda rotation functions with your secrets

When you enable rotation for a secret in the Secrets Manager console, you can now choose an existing Lambda function in addition to being able to create new functions.

November 15, 2018

Tag your secrets using the Secrets Manger console

You can now include tags when create and modify your secrets using the Secrets Manager console.

November 15, 2018

Create secrets programmatically with CloudFormation

You can now create secrets by defining it in a CloudFormation template. If the secret is associated with one of the fully supported databases, then you can also generate the credentials dynamically during the processing of the template, configure the database to use those credentials and store them in a secret that is configured to automatically rotate.

November 12, 2018

Delete a secret without a recovery window

You can now delete secrets without specifying a recovery window. This enables you to 'clean up' unneeded secrets without having to wait a minimum of seven days.

August 9, 2018

Private VPC service endpoints

You can now configure private service endpoints for Secrets Manager within your VPCs. This enables you to call Secrets Manager API operations from within a VPC without requiring connection to the public internet.

July 11, 2018

Resource-based policies

You can now attach IAM permission policies directly to a secret to determine who can access that secret. This also enables cross-account access because you can specify other AWS accounts in the Principal element of a resource-based policy.

June 26, 2018

Compliance with HIPAA

Secrets Manager is now available as a HIPAA-eligible service.

June 4, 2018

Initial release of service

Documentation is provided for the initial release of AWS Secrets Manager.

April 4, 2018