Skip to main content

AWS Secrets Manager

AWS Secrets Manager stores and retrieves secrets such as database credentials, API keys, and other sensitive data.

Refer to the AWS Secrets Manager User Guide for guidance using Secrets Manager.

API Access

The ISecretsManagerClient interface and its implementation TSecretsManagerClient provides access to all AWS Secrets Manager operations.

Retrieving a Secret

Use GetSecretValue to retrieve a secret by name or ARN:

var
  Client: ISecretsManagerClient;
  Response: ISecretsManagerGetSecretValueResponse;
begin
  Client := TSecretsManagerClient.Create;
  Response := Client.GetSecretValue('my-database-credentials');
  Writeln(Response.SecretString);
end.

Secrets can be stored as a string (SecretString) or binary data (SecretBinary).

Other Operations

CreateSecret creates a new secret.
PutSecretValue stores a new value in an existing secret.
RotateSecret configures or triggers automatic rotation.
ListSecrets lists secrets stored in the account.
DeleteSecret schedules a secret for deletion.

API Access
Retrieving a Secret
Other Operations