How can I immediately delete a Secrets Manager secret so that I can create a new secret with the same name?

Last updated: 2020-04-28

I deleted an AWS Secrets Manager secret. Then I tried to recreate the secret using the same name. However, I received the error "You can't create this secret because a secret with this name is already scheduled for deletion."

Short description

When you delete a secret, Secrets Manager deprecates it with a seven-day recovery window. This means that you can't recreate a secret with the same name from the AWS Management Console until those seven days have passed. You can permanently delete a secret without any recovery window by using the AWS Command Line Interface (AWS CLI). For more information, see Deleting and restoring a secret.

Resolution

Run the DeleteSecret API call with the ForceDeleteWithoutRecovery parameter to delete the secret permanently.

Note: In this example, replace your-secret with your Secrets Manager secret ID and your-region with your AWS Region.

aws secretsmanager delete-secret --secret-id your-secret --force-delete-without-recovery --region your-region

Run the DescribeSecret API call to verify that the secret is permanently deleted.

Note: The deletion is an asynchronous process. There might be a short delay.

aws secretsmanager describe-secret --secret-id your-secret --region your-region

You receive an error similar to the following:

An error occurred (ResourceNotFoundException) when calling the DescribeSecret operation: Secrets Manager can't find the specified secret.

This error means that the secret was successfully deleted.
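The two steps above, scripted so that the verification loop waits out the asynchronous deletion. This is an added example, not a script from the article or from AWS; it assumes the AWS CLI is installed and configured, and the secret ID and Region you pass in are placeholders.

```shell
#!/bin/sh
# Added example (not AWS's own script): force-delete a Secrets Manager
# secret, then poll DescribeSecret until it reports
# ResourceNotFoundException, at which point the name can be reused.
# Assumes the AWS CLI is installed and has credentials; the secret ID
# and Region passed in are placeholders.

# Step 1: delete with no recovery window (DeleteSecret with
# ForceDeleteWithoutRecovery). Returns the CLI's exit status.
force_delete_secret() {
  secret_id="$1"
  region="$2"
  aws secretsmanager delete-secret \
    --secret-id "$secret_id" \
    --force-delete-without-recovery \
    --region "$region" >/dev/null
}

# Step 2: deletion is asynchronous, so poll DescribeSecret.
# Returns 0 once the CLI fails with ResourceNotFoundException,
# 1 if the secret is still visible after max_attempts polls,
# 2 on any other CLI error (credentials, permissions, network).
wait_for_secret_deletion() {
  secret_id="$1"
  region="$2"
  max_attempts="${3:-10}"
  sleep_seconds="${4:-2}"
  attempt=1
  while [ "$attempt" -le "$max_attempts" ]; do
    if output=$(aws secretsmanager describe-secret \
        --secret-id "$secret_id" --region "$region" 2>&1); then
      # Still present: wait and try again.
      attempt=$((attempt + 1))
      sleep "$sleep_seconds"
    else
      case "$output" in
        *ResourceNotFoundException*) return 0 ;;
        *) printf '%s\n' "$output" >&2; return 2 ;;
      esac
    fi
  done
  return 1
}

# Usage: force_delete_secret your-secret your-region &&
#        wait_for_secret_deletion your-secret your-region
```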
