Reputation: 15212
Is it possible to refresh token every hour in AWS Secrets Manager?
DOCS:
AWS Secrets Manager automatically triggers a rotation this number of days
after the previous rotation.
If you ever rotate the secret manually, the rotation interval resets.
You can choose one of the predefined values,
or choose Custom and then type any number
between 1 and the maximum value of 365.
What about one hour?
Any other services that could help?
Upvotes: 1
Views: 1909
Answers (2)
Reputation: 36
secrets manager now allows more frequent rotations. Additionally, this it allows rotation windows to schedule your rotations within
Upvotes: 2
Reputation: 238877
Based on the comments.
The minimum automated refresh time of secret is 1 day. From docs:
Secrets Manager schedules the next rotation when the previous one completes. Secrets Manager schedules the date by adding the rotation interval (number of days) to the actual date of the last rotation. The service chooses the hour within that 24-hour date window randomly. The minute is also chosen somewhat randomly, but weighted towards the top of the hour and influenced by a variety of factors that help distribute load.
One way to update the secret each hour would be to use Scheduled CloudWatch Event rules. The rule would trigger a lambda function each hour, which in turn would set new value of the secret in the AWS Secrets Manager.
Upvotes: 1
Related Questions
- How to reuse API Credentials from AWS secret manager
- How to renew token in sts
- AWS Secret Manager Update
- Is there anyway I can modify expiration time of get-login-password token?
- AWS Secrets Manager Update Secret Request Using AWS-SDK Java
- AWS Cognito - Access and refresh token
- How do AWS Cognito Authentication tokens refresh
- Cognito Refresh Token Expires prematurely
- How to update ECR login token without regenerate every 12 hours?
- Refresh token can be refreshed?