How can I immediately delete a Secrets Manager secret so that I can create a new secret with the same name?

Last updated: 2021-05-18

I deleted an AWS Secrets Manager secret. Then I tried to recreate the secret using the same name. However, I received the error "You can't create this secret because a secret with this name is already scheduled for deletion."

Short description

When you delete a secret, Secrets Manager doesn't delete it immediately. Instead, it schedules the secret for deletion after a recovery window of a minimum of seven days. This means that you can't recreate a secret with the same name from the AWS Management Console until the recovery window ends. To permanently delete a secret without any recovery window, use the AWS Command Line Interface (AWS CLI). For more information, see Deleting and restoring a secret.

Resolution

Run the DeleteSecret API call with the ForceDeleteWithoutRecovery parameter to delete the secret permanently.

Use the AWS Console to get the deleted Secrets Manager secret ID

Note: You can skip this step if you already know the deleted secret's ID.

  1. Open the Secrets Manager console.
  2. In the navigation pane, choose Secrets.
  3. Choose the settings icon, and then in Preferences, select Show disabled secrets.
  4. In Visible columns, turn on the Deleted on toggle switch, and then choose Save.
  5. In the Secrets pane, note the Secret name and Deleted on fields to locate the deleted secret ID.

Use the AWS CLI to permanently delete the secret

In this example, replace your-secret with your Secrets Manager secret ID and your-region with your AWS Region.

aws secretsmanager delete-secret --secret-id your-secret --force-delete-without-recovery --region your-region

Run the DescribeSecret API call to verify that the secret is permanently deleted.

Note: The deletion is an asynchronous process. There might be a short delay.

aws secretsmanager describe-secret --secret-id your-secret --region your-region

You receive an error similar to the following:

An error occurred (ResourceNotFoundException) when calling the DescribeSecret operation: Secrets Manager can't find the specified secret.

This error means that the secret is successfully deleted.
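
The delete-and-verify steps above combined into one shell function, as an added example that is not part of the original article: it force-deletes only a secret that is already scheduled for deletion, then polls DescribeSecret until ResourceNotFoundException is returned. The function name, the 30-attempt limit and the 2-second pause are assumptions.

```bash
# purge_deleted_secret SECRET_ID REGION [MAX_ATTEMPTS] [PAUSE_SECONDS]
# Returns 0 once DescribeSecret reports ResourceNotFoundException,
# 2 if the secret is not scheduled for deletion, 1 on any other failure.
# The function name, attempt limit and pause are assumptions of this example.
purge_deleted_secret() {
  local secret_id region max_attempts pause deleted_on out attempt
  secret_id="$1"; region="$2"; max_attempts="${3:-30}"; pause="${4:-2}"

  # Guard: force deletion cannot be undone, so act only on a secret that is
  # already scheduled for deletion. DeletedDate prints "None" on a live secret.
  if ! deleted_on=$(aws secretsmanager describe-secret --secret-id "$secret_id" \
        --region "$region" --query DeletedDate --output text 2>&1); then
    case "$deleted_on" in
      *ResourceNotFoundException*) return 0 ;;   # already purged
      *) echo "describe-secret failed: $deleted_on" >&2; return 1 ;;
    esac
  fi
  if [ -z "$deleted_on" ] || [ "$deleted_on" = "None" ]; then
    echo "refusing: $secret_id is not scheduled for deletion" >&2
    return 2
  fi

  aws secretsmanager delete-secret --secret-id "$secret_id" \
      --force-delete-without-recovery --region "$region" >/dev/null || return 1

  # Deletion is asynchronous: poll until the secret can no longer be found.
  attempt=1
  while [ "$attempt" -le "$max_attempts" ]; do
    if out=$(aws secretsmanager describe-secret --secret-id "$secret_id" \
          --region "$region" 2>&1); then
      sleep "$pause"                               # still visible, retry
    else
      case "$out" in
        *ResourceNotFoundException*) return 0 ;;   # gone: name is reusable
        *) echo "describe-secret failed: $out" >&2; return 1 ;;
      esac
    fi
    attempt=$((attempt + 1))
  done
  echo "timed out waiting for $secret_id to be purged" >&2
  return 1
}
```

Call it as purge_deleted_secret your-secret your-region, and create the new secret with the same name only after it returns 0.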
