The issue had nothing to do with AWS. I was connected to a VPN (unrelated to AWS) that was somehow blocking my calls to the secrets manager for the eu-west-1 region. I can't explain it beyond that, but as soon as I disconnected from that VPN everything worked fine with my terraform script.
This looks to be a matter of permissions. You should check that the user you are using has permissions to secretsmanager:ListSecrets. You can define a policy like the one specified in the documentation - the second statement:
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "secretsmanager:GetResourcePolicy",
            "secretsmanager:GetSecretValue",
            "secretsmanager:DescribeSecret",
            "secretsmanager:ListSecretVersionIds"
          ],
          "Resource": [
            "arn:aws:secretsmanager:us-west-2:111122223333:secret:aes128-1a2b3c",
            "arn:aws:secretsmanager:us-west-2:111122223333:secret:aes192-4D5e6F",
            "arn:aws:secretsmanager:us-west-2:111122223333:secret:aes256-7g8H9i"
          ]
        },
        {
          "Effect": "Allow",
          "Action": "secretsmanager:ListSecrets",
          "Resource": "*"
        }
      ]
    }
The error "Failed to fetch a list of secrets" in AWS Secrets Manager could be caused by a few different issues. Here are some potential solutions and considerations:
- Check your IAM permissions: Ensure that you have the necessary permissions to list secrets in Secrets Manager. The required permission is "secretsmanager:ListSecrets".
- Verify your network connectivity: Make sure you have a stable internet connection and that there are no network issues preventing communication with AWS services.
- Consider the number of secrets: If you have a large number of secrets in your account, it might take longer to fetch the list. Try using filters or pagination to retrieve secrets in smaller batches.
- Check AWS service health: Verify that there are no ongoing issues with AWS Secrets Manager in the eu-west-1 region by checking the AWS Service Health Dashboard.
- Clear your browser cache: Sometimes, clearing your browser cache and cookies can resolve issues with the AWS Management Console.
- Use AWS CLI or SDK: As an alternative to the console, try using the AWS CLI or SDK to list secrets, which might provide more detailed error information.
- Contact AWS Support: If the issue persists, you may want to reach out to AWS Support for further assistance.
Regarding resetting Secrets Manager, there isn't a direct way to "reset" the service itself. However, if you want to start fresh and don't mind losing your existing secrets, you can:
- Delete all existing secrets: You can use Terraform or the AWS CLI to delete all secrets in your account for that region.
- Wait for deletion: Remember that deleted secrets have a recovery window (usually 7-30 days) before they're permanently deleted. You can force immediate deletion if needed.
- Recreate secrets: After deletion, you can recreate the necessary secrets using Terraform.
Keep in mind that deleting and recreating secrets will impact any applications or services that depend on those secrets. Ensure you update any references to the old secrets in your applications after recreating them.
If Terraform is hanging due to this issue, you might need to increase the timeout settings in your Terraform configuration or consider using data sources to fetch secret information instead of creating resources, which might be less affected by listing issues.
Sources
Common Errors - AWS Secrets Manager
Features | AWS Secrets Manager | Amazon Web Services (AWS)
Restore an AWS Secrets Manager secret - AWS Secrets Manager
Thank you for answering. It turns out the issue was that I was connected to a VPN (not related to AWS) that was blocking my calls to the secrets manager. Once I disconnected from the VPN everything worked fine.
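The identity policy quoted in the permissions answer, run through a simplified evaluator to show why its second statement is needed: `ListSecrets` has no resource-level permissions, so the request is authorized against `Resource: "*"`. This is an added example, not part of any answer or of AWS tooling; `evaluate` and `without_list_statement` are hypothetical helpers, and the model covers a single identity policy only (no `Condition`, `NotAction`, SCPs, permission boundaries or resource policies).

```python
import re

# Policy from the answer above, with its closing brace restored.
POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "secretsmanager:GetResourcePolicy",
                "secretsmanager:GetSecretValue",
                "secretsmanager:DescribeSecret",
                "secretsmanager:ListSecretVersionIds",
            ],
            "Resource": [
                "arn:aws:secretsmanager:us-west-2:111122223333:secret:aes128-1a2b3c",
                "arn:aws:secretsmanager:us-west-2:111122223333:secret:aes192-4D5e6F",
                "arn:aws:secretsmanager:us-west-2:111122223333:secret:aes256-7g8H9i",
            ],
        },
        {"Effect": "Allow", "Action": "secretsmanager:ListSecrets", "Resource": "*"},
    ],
}

def _glob(pattern, value, ignore_case=False):
    # IAM wildcards: '*' matches any run of characters, '?' exactly one.
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, re.I if ignore_case else 0) is not None

def _as_list(v):
    return v if isinstance(v, list) else [v]

def evaluate(policy, action, resource):
    """Return 'allow', 'explicit-deny' or 'implicit-deny' for one request."""
    decision = "implicit-deny"
    for st in _as_list(policy["Statement"]):
        # Action names match case-insensitively; resource ARNs do not.
        if not any(_glob(a, action, True) for a in _as_list(st["Action"])):
            continue
        if not any(_glob(r, resource) for r in _as_list(st["Resource"])):
            continue
        if st["Effect"] == "Deny":
            return "explicit-deny"  # an explicit Deny always wins
        decision = "allow"
    return decision

def without_list_statement(policy):
    # Constructed variant: the same policy minus its second statement.
    return {**policy, "Statement": policy["Statement"][:1]}
```

An `implicit-deny` result here corresponds to an AccessDenied response from the API, which is a different failure from the blocked or timed-out connection the VPN caused.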