# DeleteResourcePolicy


Deletes the resource-based permission policy attached to the secret. To attach a policy to a secret, use [PutResourcePolicy](API_PutResourcePolicy.md).

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see [Logging Secrets Manager events with Amazon CloudTrail](https://docs.amazonaws.cn/secretsmanager/latest/userguide/retrieve-ct-entries.html).

 **Required permissions: ** `secretsmanager:DeleteResourcePolicy`. For more information, see [ IAM policy actions for Secrets Manager](https://docs.amazonaws.cn/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and [Authentication and access control in Secrets Manager](https://docs.amazonaws.cn/secretsmanager/latest/userguide/auth-and-access.html). 

## Request Syntax


```
{
   "SecretId": "string"
}
```

## Request Parameters


For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).

The request accepts the following data in JSON format.

 ** [SecretId](#API_DeleteResourcePolicy_RequestSyntax) **   <a name="SecretsManager-DeleteResourcePolicy-request-SecretId"></a>
The ARN or name of the secret to delete the attached resource-based policy for.  
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN. See [Finding a secret from a partial ARN](https://docs.amazonaws.cn/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen).  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 2048.  
Required: Yes

## Response Syntax


```
{
   "ARN": "string",
   "Name": "string"
}
```

## Response Elements


If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

 ** [ARN](#API_DeleteResourcePolicy_ResponseSyntax) **   <a name="SecretsManager-DeleteResourcePolicy-response-ARN"></a>
The ARN of the secret that the resource-based policy was deleted for.  
Type: String  
Length Constraints: Minimum length of 20. Maximum length of 2048.

 ** [Name](#API_DeleteResourcePolicy_ResponseSyntax) **   <a name="SecretsManager-DeleteResourcePolicy-response-Name"></a>
The name of the secret that the resource-based policy was deleted for.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 512.

## Errors


For information about the errors that are common to all actions, see [Common Errors](CommonErrors.md).

 ** InternalServiceError **   
An error occurred on the server side.  
HTTP Status Code: 500

 ** InvalidParameterException **   
The parameter name or value is invalid.  
HTTP Status Code: 400

 ** InvalidRequestException **   
A parameter value is not valid for the current state of the resource.  
Possible causes:  
+ The secret is scheduled for deletion.
+ You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call. 
+ The secret is managed by another service, and you must use that service to update it. For more information, see [Secrets managed by other Amazon services](https://docs.amazonaws.cn/secretsmanager/latest/userguide/service-linked-secrets.html).
HTTP Status Code: 400

 ** ResourceNotFoundException **   
Secrets Manager can't find the resource that you asked for.  
HTTP Status Code: 400

## Examples


### Example


The following example shows how to delete the resource-based policy that's attached to a secret.The JSON request string input and response output displays formatted code with white space and line breaks for better readability. Submit your input as a single line JSON string.

#### Sample Request


```
POST / HTTP/1.1
Host: secretsmanager.region.domain
Accept-Encoding: identity
X-Amz-Target: secretsmanager.DeleteResourcePolicy
Content-Type: application/x-amz-json-1.1
User-Agent: <user-agent-string>
X-Amz-Date: <date>
Authorization: AWS4-HMAC-SHA256 Credential=<credentials>,SignedHeaders=<headers>, Signature=<signature>
Content-Length: <payload-size-bytes>

{
  "SecretId": "MyTestDatabaseSecret"
}
```

#### Sample Response


```
HTTP/1.1 200 OK
Date: <date>
Content-Type: application/x-amz-json-1.1
Content-Length: <response-size-bytes>
Connection: keep-alive
x-amzn-RequestId: <request-id-guid>

{
  "ARN": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-a1b2c3",
  "Name": "MyTestDatabaseSecret"
}
```

## See Also


For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/secretsmanager-2017-10-17/DeleteResourcePolicy) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/secretsmanager-2017-10-17/DeleteResourcePolicy) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/secretsmanager-2017-10-17/DeleteResourcePolicy) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/secretsmanager-2017-10-17/DeleteResourcePolicy) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/secretsmanager-2017-10-17/DeleteResourcePolicy) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/secretsmanager-2017-10-17/DeleteResourcePolicy) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/secretsmanager-2017-10-17/DeleteResourcePolicy) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/secretsmanager-2017-10-17/DeleteResourcePolicy) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/secretsmanager-2017-10-17/DeleteResourcePolicy) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/secretsmanager-2017-10-17/DeleteResourcePolicy)