SecretsManager / Client / restore_secret

restore_secret#

SecretsManager.Client.restore_secret(**kwargs)#

Cancels the scheduled deletion of a secret by removing the DeletedDate time stamp. You can access a secret again after it has been restored.

Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:RestoreSecret. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

See also: AWS API Documentation

Request Syntax

response = client.restore_secret(
    SecretId='string'
)
Parameters:

SecretId (string) –

[REQUIRED]

The ARN or name of the secret to restore.

For an ARN, we recommend that you specify a complete ARN rather than a partial ARN. See Finding a secret from a partial ARN.

Return type:

dict

Returns:

Response Syntax

{
    'ARN': 'string',
    'Name': 'string'
}

Response Structure

  • (dict) –

    • ARN (string) –

      The ARN of the secret that was restored.

    • Name (string) –

      The name of the secret that was restored.

Exceptions

Examples

The following example shows how to restore a secret that you previously scheduled for deletion.

response = client.restore_secret(
    SecretId='MyTestDatabaseSecret',
)

print(response)

Expected Output:

{
    'ARN': 'arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-a1b2c3',
    'Name': 'MyTestDatabaseSecret',
    'ResponseMetadata': {
        '...': '...',
    },
}