How can I immediately delete a Secrets Manager secret so that I can create a new secret with the same name?
Last updated: 2021-05-18
I deleted an AWS Secrets Manager secret. Then I tried to recreate the secret using the same name. However, I received the error "You can't create this secret because a secret with this name is already scheduled for deletion."
When you delete a secret, Secrets Manager doesn't immediately delete the secret. Secrets Manager schedules the secret for deletion after a recovery window of a minimum of seven days. This means that you can't use the AWS Management Console to recreate a secret with the same name until the recovery window ends. You can permanently delete a secret without any recovery window using the AWS Command Line Interface (AWS CLI). For more information, see Deleting and restoring a secret.
- If you receive errors when running AWS CLI commands, make sure that you’re using the most recent version of the AWS CLI.
- Secrets deleted using the ForceDeleteWithoutRecovery parameter can't be recovered or restored.
Use the AWS Console to get the deleted Secrets Manager secret ID
Note: You can skip this step if you already know the deleted secret's ID.
- Open the Secrets Manager console.
- In the navigation pane, choose Secrets.
- Choose the settings icon, and then in Preferences, select Show disabled secrets.
- In Visible columns, turn on the Deleted on toggle switch, and then choose Save.
- In the Secrets pane, note the Secret name and Deleted on fields to locate the deleted secret ID.
Use the AWS CLI to permanently delete the secret
In this example, replace your-secret with your Secrets Manager secret ID and your-region with your AWS Region.
aws secretsmanager delete-secret --secret-id your-secret --force-delete-without-recovery --region your-region
Run the DescribeSecret API call to verify that the secret is permanently deleted.
Note: The deletion is an asynchronous process. There might be a short delay.
aws secretsmanager describe-secret --secret-id your-secret --region your-region
You receive an error similar to the following:
An error occurred (ResourceNotFoundException) when calling the DescribeSecret operation: Secrets Manager can't find the specified secret.
This error means that the secret is successfully deleted.
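The two commands above can be combined into one function that waits out the asynchronous delay. The following is an added example, not part of the original article: it runs the force delete, then polls DescribeSecret and treats only ResourceNotFoundException as proof of deletion, so that an unrelated failure such as a permissions error is not mistaken for success. The function names and the MAX_TRIES and SLEEP_SECS values are assumptions chosen for illustration.

```shell
# Added example: force-delete a secret, then poll DescribeSecret until it is gone.
# MAX_TRIES and SLEEP_SECS are assumed tuning values, not AWS defaults.
MAX_TRIES="${MAX_TRIES:-10}"
SLEEP_SECS="${SLEEP_SECS:-3}"

# wait_until_deleted SECRET_ID REGION
# Returns 0 once DescribeSecret reports ResourceNotFoundException,
# 2 on any other error (which must not be read as "deleted"),
# and 1 if the secret is still visible after MAX_TRIES polls.
wait_until_deleted() {
  local secret_id="$1" region="$2" try=1 err
  while [ "$try" -le "$MAX_TRIES" ]; do
    # Capture stderr only; the secret's metadata on stdout is discarded.
    if err="$(aws secretsmanager describe-secret --secret-id "$secret_id" \
                --region "$region" 2>&1 >/dev/null)"; then
      sleep "$SLEEP_SECS"      # still present: deletion is asynchronous
      try=$((try + 1))
      continue
    fi
    case "$err" in
      *ResourceNotFoundException*) return 0 ;;
      *) printf 'describe-secret failed: %s\n' "$err" >&2; return 2 ;;
    esac
  done
  return 1
}

# force_delete_secret SECRET_ID REGION
# Permanently deletes the secret (no recovery window), then verifies it is gone.
force_delete_secret() {
  local secret_id="$1" region="$2"
  aws secretsmanager delete-secret --secret-id "$secret_id" \
      --force-delete-without-recovery --region "$region" >/dev/null || return 2
  wait_until_deleted "$secret_id" "$region"
}

# Usage: force_delete_secret your-secret your-region
```

A return code of 0 means a secret with the same name can now be created; 1 means the secret was still visible when polling stopped, and 2 means a call failed for a reason other than the secret being absent.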