This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Secrets Manager

Overview

Provides a Command-line Interface (CLI) that supports programmatic use of IaaS/PaaS products provided by SCP.

This guide provides a brief description of Secrets Manager and how to call CLI. The output is formatted as a JSON string

Version

VersionStatusSupported Until
1.0CURRENT-

1 - CLIs

1.1 - Create Secret

1.1.1 - 1.0

scpcli secretsmanager secret create
--secret_value <value>
--name <value>
--kms_id <value>
--acl_cidr <value>
[--description <value>]
[--tags <value>]

Description

Create secret.

State ACTIVE (CURRENT)

VersionSupported Until
1.0-

Parameters

NameTypeDescriptionExample
secret_value
required		stringThe value of a Secret can be entered as a JSON string in key/value format, up to 10 pairs.{"key1":"value1","key2":"value2"}
name
required		stringSecret Namename
kms_id
required		stringResource ID created in the Key Management Service (KMS) product3265ab469f0d406d83073da3e11e7a6c
acl_cidr
required		stringAccess control list of secret in CIDR192.168.1.1/24, 10.0.0.1/16
description
optional		stringDescription of secretdescription
tags
optional		arrayTag List''{"key": "", "value": ""}'

Responses

NameDescriptionExample
idID0fdd87aab8cb46f59b7c1f81ed03fb3e
account_idAccount ID3265ab469f0d406d83073da3e11e7a6c
acl_cidrAccess control list of secret in CIDR192.168.1.1/24, 10.0.0.1/16
created_atCreated At2024-05-17T00:23:17Z
created_byCreated By90dddfc2b1e04edba54ba2b41539a9ac
deleted_atDate of deletion2025-02-25 03:07:17.000
descriptionDescription of secretdescription
kms_idResource ID created in the Key Management Service (KMS) product3265ab469f0d406d83073da3e11e7a6c
kms_nameResource name of KMS keykmsname
modified_atModified At2024-05-17T00:23:17Z
modified_byModified By90dddfc2b1e04edba54ba2b41539a9ac
nameName of keymy-secret-name
recent_searched_atDate of recent search2025-02-25 03:07:17.000
stateState of key(Creating, Active, Error, Stop, To_Be_Terminated)Active
typeType of secretGeneral

1.2 - Delete Secret

1.2.1 - 1.0

scpcli secretsmanager secret delete
--secret_id <value>
--waiting_time_ndays <value>

Description

Delete secret.

State ACTIVE (CURRENT)

VersionSupported Until
1.0-

Parameters

NameTypeDescriptionExample
secret_id
required		stringSecret ID3265ab469f0d406d83073da3e11e7a6c
waiting_time_ndays
required		integerDays remaining until deletion7

1.3 - Generate Random Password

1.3.1 - 1.0

scpcli secretsmanager generate random password
[--exclude_characters <value>]
[--exclude_lowercase <value>]
[--exclude_numbers <value>]
[--exclude_punctuation <value>]
[--exclude_uppercase <value>]
[--include_space <value>]
[--password_length <value>]
[--require_each_included_type <value>]

Description

Generate random password.

State ACTIVE (CURRENT)

VersionSupported Until
1.0-

Parameters

NameTypeDescriptionExample
exclude_characters
optional		stringCharacters to exclude when generating passwordabcdefg
exclude_lowercase
optional		booleanOption to exclude lowercase lettersfalse
exclude_numbers
optional		booleanOption to exclude numbersfalse
exclude_punctuation
optional		booleanOption to exclude punctuationfalse
exclude_uppercase
optional		booleanOption to exclude uppercase lettersfalse
include_space
optional		booleanOption to include spacesfalse
password_length
optional		integerLength of the password to generate32
require_each_included_type
optional		booleanRequire all included character typestrue

Responses

NameDescriptionExample
random_passwordGenerate random password.random-value

1.4 - List Secrets

1.4.1 - 1.0

scpcli secretsmanager secret list
[--size <value>]
[--page <value>]
[--sort <value>]
[--name <value>]
[--state <value>]

Description

List secrets.

State ACTIVE (CURRENT)

VersionSupported Until
1.0-

Parameters

NameTypeDescriptionExample
size
optional		integersize20
page
optional		integerpage0
sort
optional		stringsortcreated_at:desc
name
optional		stringSecret Namename
state
optional		arraySecret StateA

Responses

NameDescriptionExample
idID0fdd87aab8cb46f59b7c1f81ed03fb3e
account_idAccount ID3265ab469f0d406d83073da3e11e7a6c
acl_cidrAccess control list of secret in CIDR192.168.1.1/24, 10.0.0.1/16
created_atCreated At2024-05-17T00:23:17Z
created_byCreated By90dddfc2b1e04edba54ba2b41539a9ac
deleted_atDate of deletion2025-02-25 03:07:17.000
descriptionDescription of secretdescription
kms_idResource ID created in the Key Management Service (KMS) product3265ab469f0d406d83073da3e11e7a6c
kms_nameResource name of KMS keykmsname
modified_atModified At2024-05-17T00:23:17Z
modified_byModified By90dddfc2b1e04edba54ba2b41539a9ac
nameName of keymy-secret-name
recent_searched_atDate of recent search2025-02-25 03:07:17.000
stateState of key(Creating, Active, Error, Stop, To_Be_Terminated)Active
typeType of secretGeneral

1.5 - List Versions of Secret

1.5.1 - 1.0

scpcli secretsmanager secret list version
--secret_id <value>

Description

List versions of secrets.

State ACTIVE (CURRENT)

VersionSupported Until
1.0-

Parameters

NameTypeDescriptionExample
secret_id
required		stringSecret ID3265ab469f0d406d83073da3e11e7a6c

Responses

NameDescriptionExample
version_list

1.6 - Restore Secret

1.6.1 - 1.0

scpcli secretsmanager secret restore
--secret_id <value>

Description

Cancel process of deleting secret.

State ACTIVE (CURRENT)

VersionSupported Until
1.0-

Parameters

NameTypeDescriptionExample
secret_id
required		stringSecret ID3265ab469f0d406d83073da3e11e7a6c

1.7 - Set CIDR of Secret

1.7.1 - 1.0

scpcli secretsmanager secret set cidr
--secret_id <value>
--acl_cidr <value>

Description

Edit the IP CIDR value for access control when retrieving the value of a Secret.

State ACTIVE (CURRENT)

VersionSupported Until
1.0-

Parameters

NameTypeDescriptionExample
secret_id
required		stringSecret ID3265ab469f0d406d83073da3e11e7a6c
acl_cidr
required		stringAccess control list of secret in CIDR192.168.1.1/24, 10.0.0.1/16

1.8 - Set Description of Secret

1.8.1 - 1.0

scpcli secretsmanager secret set description
--secret_id <value>
--description <value>

Description

Set description of secret.

State ACTIVE (CURRENT)

VersionSupported Until
1.0-

Parameters

NameTypeDescriptionExample
secret_id
required		stringSecret ID3265ab469f0d406d83073da3e11e7a6c
description
required		stringDescription of secretdescription

1.9 - Set KMS ID of Secret

1.9.1 - 1.0

scpcli secretsmanager secret set kmsid
--secret_id <value>
--kms_id <value>

Description

Modify the KMS ID used to encrypt the secret value.

State ACTIVE (CURRENT)

VersionSupported Until
1.0-

Parameters

NameTypeDescriptionExample
secret_id
required		stringSecret ID3265ab469f0d406d83073da3e11e7a6c
kms_id
required		stringResource ID created in the Key Management Service (KMS) product3265ab469f0d406d83073da3e11e7a6c

1.10 - Set Label of Version

1.10.1 - 1.0

scpcli secretsmanager secret update label
--secret_id <value>
--label <value>
[--move_to_version_id <value>]
[--remove_from_version_id <value>]

Description

Labels are added, moved, or removed from a version. If only the move_to_version_id value is used, the label is added. If only the remove_from_version_id value is used, the label is removed. If both values are used, the label is moved from remove_from_version_id to move_to_version_id.

State ACTIVE (CURRENT)

VersionSupported Until
1.0-

Parameters

NameTypeDescriptionExample
secret_id
required		stringSecret ID3265ab469f0d406d83073da3e11e7a6c
label
required		stringLabel of secret version. Not allow duplication.My Custom Label
move_to_version_id
optional		stringSecret Version ID3265ab469f0d406d83073da3e11e7a6c
remove_from_version_id
optional		stringSecret Version ID3265ab469f0d406d83073da3e11e7a6c

1.11 - Show Secret Detail

1.11.1 - 1.0

scpcli secretsmanager secret show
--secret_id <value>

Description

Show secret detail.

State ACTIVE (CURRENT)

VersionSupported Until
1.0-

Parameters

NameTypeDescriptionExample
secret_id
required		stringSecret ID3265ab469f0d406d83073da3e11e7a6c

Responses

NameDescriptionExample
idID0fdd87aab8cb46f59b7c1f81ed03fb3e
account_idAccount ID3265ab469f0d406d83073da3e11e7a6c
acl_cidrAccess control list of secret in CIDR192.168.1.1/24, 10.0.0.1/16
created_atCreated At2024-05-17T00:23:17Z
created_byCreated By90dddfc2b1e04edba54ba2b41539a9ac
deleted_atDate of deletion2025-02-25 03:07:17.000
descriptionDescription of secretdescription
kms_idResource ID created in the Key Management Service (KMS) product3265ab469f0d406d83073da3e11e7a6c
kms_nameResource name of KMS keykmsname
modified_atModified At2024-05-17T00:23:17Z
modified_byModified By90dddfc2b1e04edba54ba2b41539a9ac
nameName of keymy-secret-name
recent_searched_atDate of recent search2025-02-25 03:07:17.000
stateState of key(Creating, Active, Error, Stop, To_Be_Terminated)Active
typeType of secretGeneral

1.12 - Show Secret Value

1.12.1 - 1.0

scpcli secretsmanager secret show value
--secret_id <value>
[--label <value>]
[--version_id <value>]

Description

Show secret value.

State ACTIVE (CURRENT)

VersionSupported Until
1.0-

Parameters

NameTypeDescriptionExample
secret_id
required		stringSecret ID3265ab469f0d406d83073da3e11e7a6c
label
optional		stringLabel of secret version. Not allow duplication.CURRENT
version_id
optional		stringSecret Version IDe7b638507d9f4feeb6032a22b7640bf7

Responses

NameDescriptionExample
secret_valueThe value of a Secret can be entered as a JSON string in key/value format, up to 10 pairs.{“key1”:“value1”,“key2”:“value2”}

1.13 - Update Secret Value

1.13.1 - 1.0

scpcli secretsmanager secret update value
--secret_id <value>
--secret_value <value>

Description

Update secret value.

State ACTIVE (CURRENT)

VersionSupported Until
1.0-

Parameters

NameTypeDescriptionExample
secret_id
required		stringSecret ID3265ab469f0d406d83073da3e11e7a6c
secret_value
required		stringThe value of a Secret can be entered as a JSON string in key/value format, up to 10 pairs.{"key1":"value1","key2":"value2"}