How can I immediately delete a Secrets Manager secret so that I can create a new secret with the same name?
Last updated: 2020-04-28
I deleted an AWS Secrets Manager secret. Then I tried to recreate the secret using the same name. However, I received the error "You can't create this secret because a secret with this name is already scheduled for deletion."
When you delete a secret, Secrets Manager doesn't remove it immediately. Instead, it schedules the secret for deletion at the end of a recovery window of at least seven days (the API default is 30 days), during which the secret can still be restored. The name stays reserved for the whole window, so you can't create a new secret with the same name from the AWS Management Console until the window has passed. To delete a secret immediately, with no recovery window, call DeleteSecret with the ForceDeleteWithoutRecovery parameter from the AWS Command Line Interface (AWS CLI). For more information, see Deleting and restoring a secret.
- If you receive errors when running AWS CLI commands, make sure that you’re using the most recent version of the AWS CLI.
- Secrets deleted using the ForceDeleteWithoutRecovery parameter can't be recovered or restored. The secret value is gone as soon as the deletion completes, so restrict which IAM principals can use this parameter: the secretsmanager:ForceDeleteWithoutRecovery condition key lets an IAM policy deny DeleteSecret calls that set it while still allowing deletion with a recovery window.
In this example, replace your-secret with your Secrets Manager secret ID and your-region with your AWS Region.
aws secretsmanager delete-secret --secret-id your-secret --force-delete-without-recovery --region your-region
Then run describe-secret (the DescribeSecret API call) to verify that the secret is permanently deleted.
Note: The deletion is asynchronous. For a short time after delete-secret returns, describe-secret might still show the secret with a DeletedDate. Retry until the call fails.
aws secretsmanager describe-secret --secret-id your-secret --region your-region
You receive an error similar to the following:
An error occurred (ResourceNotFoundException) when calling the DescribeSecret operation: Secrets Manager can't find the specified secret.
This error means that the secret is permanently deleted and the name is free to reuse. You can now create the new secret with the same name.
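The whole procedure above (delete with no recovery window, poll describe-secret until it returns ResourceNotFoundException, then recreate the secret under the same name) as an added POSIX shell script. This is example code written for this page, not an AWS-provided tool. It assumes a configured AWS CLI whose credentials allow DeleteSecret, DescribeSecret and CreateSecret; the function names, the SECRET_NAME, AWS_REGION, SECRET_VALUE and SLEEP_SECONDS environment variables, and the retry limit are this example's own choices.

```shell
#!/bin/sh
# Added example: force-delete a Secrets Manager secret, wait until it is really gone,
# then recreate it under the same name. Assumes a configured AWS CLI; the function
# names, environment variables and retry limits are this example's own choices.
#
# Usage: SECRET_NAME=your-secret AWS_REGION=your-region SECRET_VALUE='new value' sh recreate-secret.sh

SLEEP_SECONDS=${SLEEP_SECONDS:-2}   # pause between DescribeSecret polls

# Poll DescribeSecret until the secret no longer exists.
#   returns 0 once ResourceNotFoundException is seen (deletion finished),
#   returns 1 if the secret is still visible after max_tries polls,
#   returns 2 on any other error (for example AccessDenied), so we never loop on it.
wait_for_deletion() {
  secret_id=$1; region=$2; max_tries=${3:-30}
  i=0
  while [ "$i" -lt "$max_tries" ]; do
    rc=0
    # capture stderr only: the CLI prints its error message there
    err=$(aws secretsmanager describe-secret --secret-id "$secret_id" \
            --region "$region" 2>&1 >/dev/null) || rc=$?
    if [ "$rc" -ne 0 ]; then
      case $err in
        *ResourceNotFoundException*) return 0 ;;
        *) printf 'describe-secret failed: %s\n' "$err" >&2; return 2 ;;
      esac
    fi
    i=$((i + 1))
    sleep "$SLEEP_SECONDS"
  done
  return 1
}

# Delete with no recovery window, wait for the asynchronous deletion to finish,
# then create the replacement. Pass the secret name (not the ARN) so that
# create-secret can reuse it.
force_delete_and_recreate() {
  name=$1; region=$2; new_value=$3
  aws secretsmanager delete-secret --secret-id "$name" \
      --force-delete-without-recovery --region "$region" >/dev/null || return 1
  wait_for_deletion "$name" "$region" || return 1
  aws secretsmanager create-secret --name "$name" --secret-string "$new_value" \
      --region "$region" >/dev/null
}

# Run only when invoked with the environment variables set, so the functions
# can also be sourced and exercised on their own.
if [ -n "${SECRET_NAME:-}" ]; then
  force_delete_and_recreate "$SECRET_NAME" "${AWS_REGION:?set AWS_REGION}" "${SECRET_VALUE:?set SECRET_VALUE}"
fi
```

Two design points: wait_for_deletion treats only ResourceNotFoundException as success, because any other failure (an AccessDeniedException, a typo in the region) would otherwise be mistaken for a finished deletion or retried forever. And passing the new value with --secret-string on the command line, as the example does for brevity, puts the secret into shell history and process listings; for real use, supply it with --secret-string file://path or --cli-input-json instead.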