batchGetSecretValue method

Future<BatchGetSecretValueResponse> batchGetSecretValue({
  1. List<Filter>? filters,
  2. int? maxResults,
  3. String? nextToken,
  4. List<String>? secretIdList,
})

Retrieves the contents of the encrypted fields SecretString or SecretBinary for up to 20 secrets. To retrieve a single secret, call GetSecretValue.

To choose which secrets to retrieve, you can specify a list of secrets by name or ARN, or you can use filters. If Secrets Manager encounters errors such as AccessDeniedException while attempting to retrieve any of the secrets, you can see the errors in Errors in the response.

Secrets Manager generates CloudTrail GetSecretValue log entries for each secret you request when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.

Required permissions: secretsmanager:BatchGetSecretValue, and you must have secretsmanager:GetSecretValue for each secret. If you use filters, you must also have secretsmanager:ListSecrets. If the secrets are encrypted using customer-managed keys instead of the Amazon Web Services managed key aws/secretsmanager, then you also need kms:Decrypt permissions for the keys. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

May throw DecryptionFailure. May throw InternalServiceError. May throw InvalidNextTokenException. May throw InvalidParameterException. May throw InvalidRequestException. May throw ResourceNotFoundException.

Parameter filters : The filters to choose which secrets to retrieve. You must include Filters or SecretIdList, but not both.

Parameter maxResults : The number of results to include in the response.

If there are more results available, in the response, Secrets Manager includes NextToken. To get the next results, call BatchGetSecretValue again with the value from NextToken. To use this parameter, you must also use the Filters parameter.

Parameter nextToken : A token that indicates where the output should continue from, if a previous call did not show all results. To get the next results, call BatchGetSecretValue again with this value.

Parameter secretIdList : The ARN or names of the secrets to retrieve. You must include Filters or SecretIdList, but not both.

Implementation

Future<BatchGetSecretValueResponse> batchGetSecretValue({
  List<Filter>? filters,
  int? maxResults,
  String? nextToken,
  List<String>? secretIdList,
}) async {
  _s.validateNumRange(
    'maxResults',
    maxResults,
    1,
    20,
  );
  final headers = <String, String>{
    'Content-Type': 'application/x-amz-json-1.1',
    'X-Amz-Target': 'secretsmanager.BatchGetSecretValue'
  };
  final jsonResponse = await _protocol.send(
    method: 'POST',
    requestUri: '/',
    exceptionFnMap: _exceptionFns,
    // TODO queryParams
    headers: headers,
    payload: {
      if (filters != null) 'Filters': filters,
      if (maxResults != null) 'MaxResults': maxResults,
      if (nextToken != null) 'NextToken': nextToken,
      if (secretIdList != null) 'SecretIdList': secretIdList,
    },
  );

  return BatchGetSecretValueResponse.fromJson(jsonResponse.body);
}