Rotated Secrets can be configured with a sync setting, ensuring that upon manual or automatic rotation, the latest value of your secret will be synced via the relevant Universal Secrets Connector automatically.

Syncing a Rotated Secret from the CLI

Run the following command to sync a rotated secret to an external Secret Management solution using the CLI:

akeyless rotated-secret sync \
--name <Rotated Secret name> \
--usc-name <USC name> \
--remote-secret-name <remote secret name>
---filter-secret-value <jq expression>

Where:

• name: The Rotated Secret name.

• usc-name: The name of the Universal Secret Connector.

• remote-secret-name: Remote Secret Name that will be created on the remote endpoint.

• filter-secret-value: Optional, to filter the value of the rotated secret, to sync only specific fields, or to manipulate the value using a jq expression, e.g. .password etc.

You can find the complete list of parameters for this command in the CLI Reference - Rotated Secrets section.

Syncing a Rotated Secret from the Console

1. Log in to the Akeyless Console, and navigate to the Rotated Secret item.
2. Go to the Sync tab on the secret item and click Attach.
3. Set the following settings:

• Universal Secret Connector Name: Choose the target Universal Secret Connector.

• Remote Secret Name: Enter the name of the secret that will be created or updated on the remote endpoint.

• Filter secret value (jq): Optional, to filter the value of the rotated secret, to sync only specific fields, or to manipulate the value using a jq expression, e.g. .password etc.

Click on Save to synchronize the rotated secret.

In case an automatic sync fails, an event will be triggered. In that case, you will be able to perform a manual sync from this tab.