Skip to main content

AWS Secrets Manager

Credential configuration

To configure this credential, you need the Access Key Id and the Secret Access Key of the Programatic access user you want to use. Make sure this user has the required permissions to access Secrets Manager to work properly. If you need to create the user, follow the instructions provided here.

In the extra options field, you can include any of the parameters you can find here.

Here is an example of a filled credential configuration form in YepCode:

AWS Secrets Manager Snippets available in YepCode editor


The title is the triggering text for YepCode to autocomplete the script.


New integration from credential
const awsSecretsManagerClient = yepcode.integration.awsSecretsManager("credential-slug");
New integration from plain authentication data
const { SecretsManagerClient } = require("@aws-sdk/client-secrets-manager");

const awsSecretsManagerClient = new SecretsManagerClient({
credentials: {
accessKeyId: "accessKeyId",
secretAccessKey: "secretAccessKey",

Create Secret

Create secret
const { CreateSecretCommand } = require("@aws-sdk/client-secrets-manager");

const createSecretCommand = new CreateSecretCommand({
Name: "secret-name",
SecretString: "secret-to-store",

awsSecretsManagerClient.send(createSecretCommand).then((response) => {
console.log(`Created secret with name ${response.Name}`);

List Secrets

List secrets
const { ListSecretsCommand } = require("@aws-sdk/client-secrets-manager");

const listSecretsCommand = new ListSecretsCommand({});

awsSecretsManagerClient.send(listSecretsCommand).then((response) => {
const secrets = response.SecretList;
secrets.forEach((secret) => console.log(`Found secret with name ${secret.Name}`));

Get Secret Value

Get secret value
const { GetSecretValueCommand } = require("@aws-sdk/client-secrets-manager");

const getSecretValueCommand = new GetSecretValueCommand({
SecretId: "secret-name-or-ARN"

awsSecretsManagerClient.send(getSecretValueCommand).then((response) => {
// Secret value comes in response.SecretString or response.SecretBinary
// If you store other types of secrets different than key value pairs,
// then it will come as a JSON string


Delete Secret

Delete secret
const { DeleteSecretCommand } = require("@aws-sdk/client-secrets-manager");

const deleteSecretCommand = new DeleteSecretCommand({
SecretId: "secret-name-or-ARN"

awsSecretsManagerClient.send(deleteSecretCommand).then((response) => {
console.log(`Deleted secret with name ${response.Name}`);