Secrets Manager in AWS is a great little service for stashing credentials and other sensitive materials that an application you develop might want to use. Classic examples are database passwords. There is a gotcha that you need to be careful about when using it though.
When you create a secret, you have to give it a name. Secrets Manager then creates an ARN from this name and appends a suffix consisting of a hyphen plus six random characters. That means if your name also ends with a hyphen and six characters, you are going to break searching for secrets by name: Secrets Manager will think your name is actually the complete ARN. You would think this problem wouldn’t come up that frequently, but there are a lot of common six-letter terms that people like to use as suffixes. For example:
As a best practice, just don’t use hyphens in secret names.
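A pre-deployment check for this naming trap, as an added example that is not part of the original post. The region, account id, sample names and function names are constructed for illustration, matching any six trailing characters is a conservative assumption, and the underscore rename is one way to follow the advice above.

```python
import re

# Constructed placeholders (not from the post): example region and account id.
ARN_PREFIX = "arn:aws:secretsmanager:us-east-1:123456789012:secret:"

# The shape the post warns about: the name ends in a hyphen plus six characters.
# Matching any six characters is a deliberately conservative assumption.
SUFFIX_SHAPED = re.compile(r"^(?P<head>.+)-(?P<tail>.{6})$")


def full_arn(name, random_suffix):
    """ARN as Secrets Manager builds it: name, hyphen, six random characters."""
    return f"{ARN_PREFIX}{name}-{random_suffix}"


def misreading(name):
    """Return (other_name, suffix) if the bare name can be read as a complete
    ARN tail for a different secret, else None."""
    m = SUFFIX_SHAPED.match(name)
    return (m.group("head"), m.group("tail")) if m else None


def lint_secret_names(names):
    """Map each risky name to its misreading and a hyphen-free rename."""
    findings = {}
    for name in names:
        hit = misreading(name)
        if hit:
            findings[name] = {
                # Identical to the name's own partial ARN, hence the ambiguity.
                "reads_as": full_arn(*hit),
                "suggested": name.replace("-", "_"),
            }
    return findings


if __name__ == "__main__":
    # Constructed sample names, as they might appear in an IaC template.
    samples = ["billing-db-master", "billing/db_master", "api-key", "ab-cdefgh"]
    for name, info in lint_secret_names(samples).items():
        print(f"{name}: partial ARN is indistinguishable from {info['reads_as']}")
        print(f"  rename to: {info['suggested']}")
```

Running the check over the secret names in a template before deployment catches the problem at creation time, when renaming is still cheap.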
One thought on “AWS Secrets Manager names are suffixed!”
Thanks, it helped us to identify the issue.