Secret Versions

Learn how to create and manage secret versions.

Every secret has at least one secret version. When you update the secret's contents, you create a new secret version. Secret version numbers start at "1" and increment by 1. You can have up to 30 secret versions in active use and 30 secret versions pending deletion for each secret. See Limits by Service for complete details about Vault, Key Management and Secret Management limits.

In addition to a version number, you can identify a secret version by its version name or rotation state. A secret version's rotation state represents how the secret is being used. Typically, applications need the current version of a secret. Marking a secret version as the 'current' version indicates that it has the secret contents currently used to access to the target resource. For example, if you stored a password to connect to a database as a secret, when you request the current version of that secret, you get the password that the database currently expects.