Amazon Secrets Manager secrets managed by other Amazon services

Many Amazon services store and use secrets in Amazon Secrets Manager. In some cases, these secrets are managed secrets, which means that the service that created them helps manage them. For example, some managed secrets include managed rotation, so you don't have to configure rotation yourself. The managing service might also restrict you from updating secrets or deleting them without a recovery period, which helps prevent outages because the managing service depends on the secret.

Managed secrets use a naming convention that includes the managing service ID to help identify them.


Secret name: ServiceID!MySecret
Secret ARN : arn:aws-cn:us-east-1:ServiceID!MySecret-a1b2c3

IDs for services that manage secrets

appflow – How Amazon AppFlow uses Amazon Secrets Manager
databrew – How Amazon Glue DataBrew uses Amazon Secrets Manager
datasync – How Amazon DataSync uses Amazon Secrets Manager
directconnect – How Amazon Direct Connect uses Amazon Secrets Manager
ecs-sc – Amazon Elastic Container Service
events – How Amazon EventBridge uses Amazon Secrets Manager
marketplace-deployment – Amazon Web Services Marketplace
opsworks-cm – How Amazon OpsWorks for Chef Automate uses Amazon Secrets Manager
rds – Amazon RDS
redshift – How Amazon Redshift uses Amazon Secrets Manager
sqlworkbench – Amazon Redshift query editor v2

To find secrets that are managed by other Amazon services, see Find managed secrets.

For a full list of services that use secrets, see Amazon services that use Amazon Secrets Manager secrets.

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Cancel automatic rotation

Services that use secrets