Amazon Web Services (AWS) - Tag Secret using the AWS CLI
by
Jeremy Canfield |
Updated: August 25 2023
| Amazon Web Services (AWS) articles
This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.
The aws secretsmanager list-secrets command can be used the list the secrets you have created.
]$ aws secretsmanager list-secrets
{
"SecretList": [
{
"ARN": "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-secret-tD1U2U",
"Name": "my-secret",
"Description": "my-secret",
"LastChangedDate": "2023-08-23T17:23:54.741000-05:00",
"LastAccessedDate": "2023-08-22T19:00:00-05:00",
"SecretVersionsToStages": {
"0a8aa38f-b95e-42ab-acc9-7745aa710f23": [
"AWSCURRENT"
]
},
"CreatedDate": "2023-08-23T17:23:54.435000-05:00"
}
]
}
Or, the aws secretsmanager describe-secret command can be used to list a specific secret. In this example, the secret does not have any tags.
~]$ aws secretsmanager describe-secret --secret-id arn:aws:secretsmanager:us-east-1:123456789012:secret:my-secret-tD1U2U
{
"ARN": "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-secret-tD1U2U",
"Name": "my-secret",
"Description": "my-secret",
"LastChangedDate": "2023-08-25T16:30:15.716000+00:00",
"LastAccessedDate": "2023-08-25T00:00:00+00:00",
"VersionIdsToStages": {
"0a8aa38f-b95e-42ab-acc9-7745aa710f23": [
"AWSCURRENT"
]
},
"CreatedDate": "2023-08-23T22:23:54.435000+00:00"
}
Likewise, the aws secretsmanager tag-resource command can be used to add or update a secrets tags, like this.
aws secretsmanager tag-resource \
--secret-id arn:aws:secretsmanager:us-east-1:123456789012:secret:my-secret-tD1U2U \
--tags Key=environment,Value=staging
Or like this.
aws secretsmanager tag-resource \
--secret-id arn:aws:secretsmanager:us-east-1:123456789012:secret:my-secret-tD1U2U \
--tags '[{"Key": "platform", "Value": "postgres"}, {"Key": "environment", "Value": "staging"}]'
Did you find this article helpful?
If so, consider buying me a coffee over at 