SecretId (string) – [REQUIRED]
The ARN or name of the secret to retrieve.
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN. See Finding a secret from a partial ARN.
I can’t get this to work with the ARN though.
import boto3
boto3.client("secretsmanager").get_secret_value(SecretId="arn:aws:secretsmanager:us-east-1:260890374087:secret/Datadog/ApiKey-s3xUqf")
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/Library/Python/3.9/site-packages/botocore/client.py", line 530, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/Library/Python/3.9/site-packages/botocore/client.py", line 960, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (ValidationException) when calling the GetSecretValue operation: Invalid name. Must be a valid name containing alphanumeric characters, or any of the following: -/_+=.@!
How do I retrieve the secret with the ARN?
2
Answers
Somehow I made a copy-paste error:
I had
It should be:
Look at the latest Python SDK Secrets Manager code example that includes this use case. This code has been tested and works. See here in AWS Code Example Github.
https://github.com/awsdocs/aws-doc-sdk-examples/blob/main/python/example_code/secretsmanager/secretsmanager_basics.py#L89
In this code example, you do not need to reference the ARN.