Create an AWS Secrets Manager secret with CloudFormation

This example creates a secret named CloudFormationCreatedSecret-a1b2c3d4e5f6. The secret value is the following JSON, with a 32-character password that is generated when the secret is created.


{
    "password": "EXAMPLE-PASSWORD",
    "username": "saanvi"
}

This example uses the following CloudFormation resource:

AWS::SecretsManager::Secret

For information about creating resources with CloudFormation, see Learn template basics in the CloudFormation User Guide.

JSON


{
    "Resources": {
        "CloudFormationCreatedSecret": {
            "Type": "AWS::SecretsManager::Secret",
            "Properties": {
                "Description": "Simple secret created by CloudFormation.",
                "GenerateSecretString": {
                    "SecretStringTemplate": "{\"username\": \"saanvi\"}",
                    "GenerateStringKey": "password",
                    "PasswordLength": 32
                }
            }
        }
    }
}

YAML


Resources:
  CloudFormationCreatedSecret:
    Type: 'AWS::SecretsManager::Secret'
    Properties:
      Description: Simple secret created by CloudFormation.
      GenerateSecretString:
        SecretStringTemplate: '{"username": "saanvi"}'
        GenerateStringKey: password
        PasswordLength: 32

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

CloudFormation

Create a secret with Amazon RDS credentials with automatic rotation