AWS Security ChangesHomeSearch

AWS secretsmanager documentation change

Service: secretsmanager · 2025-05-31 · Documentation low

File: secretsmanager/latest/userguide/replicate-secrets_troubleshoot.md

Summary

Added detailed replication failure troubleshooting steps, including API/CloudTrail checks and secret version retention behavior.

Security assessment

Improves operational troubleshooting guidance but does not address security vulnerabilities or document security features. Focuses on replication reliability rather than security controls.

Diff

diff --git a/secretsmanager/latest/userguide/replicate-secrets_troubleshoot.md b/secretsmanager/latest/userguide/replicate-secrets_troubleshoot.md
index 4dda0b0f3..b203c8e91 100644
--- a//secretsmanager/latest/userguide/replicate-secrets_troubleshoot.md
+++ b//secretsmanager/latest/userguide/replicate-secrets_troubleshoot.md
@@ -9 +9,19 @@ A secret with the same name exists in the selected RegionNo permissions availabl
-The following are some reasons that replication can fail.
+AWS Secrets Manager replication might fail for various reasons. To check why a secret failed to replicate, you can do one of the following:
+
+  * Call the `DescribeSecret` API operation
+
+  * Review AWS CloudTrail events
+
+
+
+
+When replication fails:
+
+  * If there are no usable secret versions, Secrets Manager removes the secret from the replica Region.
+
+  * If there are successfully replicated secret versions, they remain in the replica Region until you explicitly remove them using the `RemoveRegionsFromReplication` API operation.
+
+
+
+
+The following sections describe some common reasons for replication failures.