All Products
Search
Document Center

Key Management Service:ListSecrets

Last Updated:Dec 06, 2023

Queries all secrets created by the current Alibaba Cloud account in the current region.

This operation returns the metadata information about the secrets and does not return encrypted secret values.

In this example, the secrets created by the current Alibaba Cloud account in the current region are returned. The PageNumber parameter is set to 1, and the PageSize parameter is set to 2, which indicates that two secrets are to be returned on the current page.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter

Type

Required

Example

Description

Action String Yes ListSecrets

The operation that you want to perform. Set the value to ListSecrets.

FetchTags String No false

Specifies whether to return the resource tags of the secret. Valid values:

  • true
  • false (default value)
PageNumber Integer No 1

The page number.

Pages start from page 1.

Default value: 1.

PageSize Integer No 2

The number of entries per page.

Valid values: 1 to 100.

Default value: 10

Filters String No [{"Key":"SecretName", "Values":["Val1","Val2"]}]

The secret filter condition.

The condition consists of one or more key-value pairs. You can specify a maximum of 10 key-value pairs. If you use one tag key or tag value to filter resources, up to 4,000 resources can be queried. If you want to query more than 4,000 resources, call the ListResourceTags operation.

  • Key
    • Description: the property to query.
    • Type: string.
    • Valid values:
      • SecretName: the secret name.
      • Description: the description of the secret.
      • TagKey: the tag key.
      • TagValue: the tag value.
      • DKMSInstanceId: the ID of the KMS instance.
      • SecretType: the secret type.
  • Values
    • Description: the value of the property.
    • Type: string.
    • Length: 0 to 10.
    • Valid values:
      • If the Key field is set to SecretName, the value must be 1 to 192 characters in length and can contain letters, digits, and special characters _ / + = . @ -.
      • If the Key field is set to Description, the value must be 1 to 256 characters in length.
      • If the Key field is set to TagKey, the value must be 1 to 256 characters in length and can contain letters, digits, and special characters / _ - . + = @ :.
      • If the Key field is set to TagValue, the value must be 1 to 256 characters in length and can contain letters, numbers, and special characters / _ - . + = @ :.
      • If the Key field is set to DKMSInstanceId, the value is the ID of the instance and is in the kst-xxx format.
      • If the Key field is set to SecretType, valid values include Generic, Rds, RAMCredentials, and ECS.

The logical relationship between values of the Values field in a key-value pair is OR. Example: [ {"Key":"SecretName", "Values":["sec1","sec2"]} ]. In this example, the semantics are SecretName=sec 1 OR SecretName=sec 2.

Response parameters

Parameter

Type

Example

Description

PageNumber Integer 1

The page number.

PageSize Integer 2

The number of entries per page.

RequestId String 6a6287a0-ff34-4780-a790-fdfca900557f

The ID of the request, which is used to locate and troubleshoot issues.

TotalCount Integer 55

The total number of returned secrets.

SecretList Array of Secret

A list of secrets.

Secret
SecretName String secret001

The secret name.

UpdateTime String 2023-07-17T07:59:05Z

The update time.

SecretType String Generic

The type of the secret. Valid values:

  • Generic: generic secret
  • Rds: managed ApsaraDB RDS secret
PlannedDeleteTime String 2023-08-17T07:59:05Z

The time when the secret is scheduled to be deleted.

CreateTime String 2023-07-17T07:59:05Z

The time when the secret was created.

Tags Array of Tag

The resource tag of the secret.

This parameter is not returned if you set the FetchTags parameter to false or do not specify the FetchTags parameter.

Tag
TagValue String val1

The tag value.

TagKey String key1

The tag key.

Examples

Sample requests

http(s)://[Endpoint]/?Action=ListSecrets
&FetchTags=false
&PageNumber=1
&PageSize=2
&Filters=[{"Key":"SecretName", "Values":["Val1","Val2"]}]
&Common request parameters

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<ListSecretsResponse>
    <PageNumber>1</PageNumber>
    <PageSize>2</PageSize>
    <RequestId>6a6287a0-ff34-4780-a790-fdfca900557f</RequestId>
    <TotalCount>55</TotalCount>
    <SecretList>
        <SecretName>secret001</SecretName>
        <UpdateTime>2023-07-17T07:59:05Z</UpdateTime>
        <SecretType>Generic</SecretType>
        <PlannedDeleteTime>2023-08-17T07:59:05Z</PlannedDeleteTime>
        <CreateTime>2023-07-17T07:59:05Z</CreateTime>
        <Tags>
            <TagValue>val1</TagValue>
            <TagKey>key1</TagKey>
        </Tags>
    </SecretList>
</ListSecretsResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "PageNumber" : 1,
  "PageSize" : 2,
  "RequestId" : "6a6287a0-ff34-4780-a790-fdfca900557f",
  "TotalCount" : 55,
  "SecretList" : [ {
    "SecretName" : "secret001",
    "UpdateTime" : "2023-07-17T07:59:05Z",
    "SecretType" : "Generic",
    "PlannedDeleteTime" : "2023-08-17T07:59:05Z",
    "CreateTime" : "2023-07-17T07:59:05Z",
    "Tags" : [ {
      "TagValue" : "val1",
      "TagKey" : "key1"
    } ]
  } ]
}

Error codes

HTTP status code

Error code

Error message

Description

400 InvalidParameter The specified parameter is not valid. The specified parameter is invalid.
404 InvalidAccessKeyId.NotFound The Access Key ID provided does not exist in our records. The specified AccessKey ID does not exist.

For a list of error codes, see Service error codes.