aws-sdk-docdb 1.78.0 → 1.80.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4fa10cef14a6e8a6ccb8ec48b37b513caf7ef189680ad6d791a9fa90ef750f76
4
- data.tar.gz: ab148308a3277e382ba55215fb620b78cdc5157078ecc46bd91dd7a55d4a737b
3
+ metadata.gz: 742046cd971eeccf0ea92a34fb84c90c8b150b93aba710ec3588425dc6ff25a4
4
+ data.tar.gz: ecef8308ca532ae813f04dd82ac947f673e450328e6d73c4d0c9ce25feb2eecd
5
5
  SHA512:
6
- metadata.gz: a928ad10ed009429b5fc1f1218990019fe13d469e00bd0cefef8e3b369d64bd1b33513302bd43fdb6631d28fe531981b386d6a1382beefd6a22d1f6ed657dcbc
7
- data.tar.gz: d5e3f4bc651d770999bda88d954cbe8f4ad3921452472b5e759bda644fae918ce5215af7695519aa388a06c7b39470c23d7cefb8124825e0ce05b3a3738a3d07
6
+ metadata.gz: 15750b4b49d3e1ef0f5f1592b3850752cfcdd7c355ed406abd20a653f78919ac83d71fe4340545029d10185da3a909c91d2b39ee842d1ccc476e7ec0093a938c
7
+ data.tar.gz: 810dcf9fde683c79379705276e98fab7dd7c9ad087da0ca4fab0d7ce3216ac18ac2733a0262f0be39416315c5fb3ebfd9d257ad30fb7f58cab909cf7d9c73b2e
data/CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.80.0 (2024-12-20)
5
+ ------------------
6
+
7
+ * Feature - Support AWS Secret Manager managed password for AWS DocumentDB instance-based cluster.
8
+
9
+ 1.79.0 (2024-11-06)
10
+ ------------------
11
+
12
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
13
+
4
14
  1.78.0 (2024-10-18)
5
15
  ------------------
6
16
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.78.0
1
+ 1.80.0
@@ -1020,6 +1020,35 @@ module Aws::DocDB
1020
1020
  #
1021
1021
  # </note>
1022
1022
  #
1023
+ # @option params [Boolean] :manage_master_user_password
1024
+ # Specifies whether to manage the master user password with Amazon Web
1025
+ # Services Secrets Manager.
1026
+ #
1027
+ # Constraint: You can't manage the master user password with Amazon Web
1028
+ # Services Secrets Manager if `MasterUserPassword` is specified.
1029
+ #
1030
+ # @option params [String] :master_user_secret_kms_key_id
1031
+ # The Amazon Web Services KMS key identifier to encrypt a secret that is
1032
+ # automatically generated and managed in Amazon Web Services Secrets
1033
+ # Manager. This setting is valid only if the master user password is
1034
+ # managed by Amazon DocumentDB in Amazon Web Services Secrets Manager
1035
+ # for the DB cluster.
1036
+ #
1037
+ # The Amazon Web Services KMS key identifier is the key ARN, key ID,
1038
+ # alias ARN, or alias name for the KMS key. To use a KMS key in a
1039
+ # different Amazon Web Services account, specify the key ARN or alias
1040
+ # ARN.
1041
+ #
1042
+ # If you don't specify `MasterUserSecretKmsKeyId`, then the
1043
+ # `aws/secretsmanager` KMS key is used to encrypt the secret. If the
1044
+ # secret is in a different Amazon Web Services account, then you can't
1045
+ # use the `aws/secretsmanager` KMS key to encrypt the secret, and you
1046
+ # must use a customer managed KMS key.
1047
+ #
1048
+ # There is a default KMS key for your Amazon Web Services account. Your
1049
+ # Amazon Web Services account has a different default KMS key for each
1050
+ # Amazon Web Services Region.
1051
+ #
1023
1052
  # @option params [String] :source_region
1024
1053
  # The source region of the snapshot. This is only needed when the
1025
1054
  # shapshot is encrypted and in a different region.
@@ -1057,6 +1086,8 @@ module Aws::DocDB
1057
1086
  # deletion_protection: false,
1058
1087
  # global_cluster_identifier: "GlobalClusterIdentifier",
1059
1088
  # storage_type: "String",
1089
+ # manage_master_user_password: false,
1090
+ # master_user_secret_kms_key_id: "String",
1060
1091
  # source_region: "String",
1061
1092
  # })
1062
1093
  #
@@ -1106,6 +1137,9 @@ module Aws::DocDB
1106
1137
  # resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
1107
1138
  # resp.db_cluster.deletion_protection #=> Boolean
1108
1139
  # resp.db_cluster.storage_type #=> String
1140
+ # resp.db_cluster.master_user_secret.secret_arn #=> String
1141
+ # resp.db_cluster.master_user_secret.secret_status #=> String
1142
+ # resp.db_cluster.master_user_secret.kms_key_id #=> String
1109
1143
  #
1110
1144
  # @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/CreateDBCluster AWS API Documentation
1111
1145
  #
@@ -1858,6 +1892,9 @@ module Aws::DocDB
1858
1892
  # resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
1859
1893
  # resp.db_cluster.deletion_protection #=> Boolean
1860
1894
  # resp.db_cluster.storage_type #=> String
1895
+ # resp.db_cluster.master_user_secret.secret_arn #=> String
1896
+ # resp.db_cluster.master_user_secret.secret_status #=> String
1897
+ # resp.db_cluster.master_user_secret.kms_key_id #=> String
1861
1898
  #
1862
1899
  # @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/DeleteDBCluster AWS API Documentation
1863
1900
  #
@@ -2706,6 +2743,9 @@ module Aws::DocDB
2706
2743
  # resp.db_clusters[0].enabled_cloudwatch_logs_exports[0] #=> String
2707
2744
  # resp.db_clusters[0].deletion_protection #=> Boolean
2708
2745
  # resp.db_clusters[0].storage_type #=> String
2746
+ # resp.db_clusters[0].master_user_secret.secret_arn #=> String
2747
+ # resp.db_clusters[0].master_user_secret.secret_status #=> String
2748
+ # resp.db_clusters[0].master_user_secret.kms_key_id #=> String
2709
2749
  #
2710
2750
  # @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/DescribeDBClusters AWS API Documentation
2711
2751
  #
@@ -3676,6 +3716,9 @@ module Aws::DocDB
3676
3716
  # resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
3677
3717
  # resp.db_cluster.deletion_protection #=> Boolean
3678
3718
  # resp.db_cluster.storage_type #=> String
3719
+ # resp.db_cluster.master_user_secret.secret_arn #=> String
3720
+ # resp.db_cluster.master_user_secret.secret_status #=> String
3721
+ # resp.db_cluster.master_user_secret.kms_key_id #=> String
3679
3722
  #
3680
3723
  # @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/FailoverDBCluster AWS API Documentation
3681
3724
  #
@@ -3979,6 +4022,60 @@ module Aws::DocDB
3979
4022
  #
3980
4023
  # Default value is `standard `
3981
4024
  #
4025
+ # @option params [Boolean] :manage_master_user_password
4026
+ # Specifies whether to manage the master user password with Amazon Web
4027
+ # Services Secrets Manager. If the cluster doesn't manage the master
4028
+ # user password with Amazon Web Services Secrets Manager, you can turn
4029
+ # on this management. In this case, you can't specify
4030
+ # `MasterUserPassword`. If the cluster already manages the master user
4031
+ # password with Amazon Web Services Secrets Manager, and you specify
4032
+ # that the master user password is not managed with Amazon Web Services
4033
+ # Secrets Manager, then you must specify `MasterUserPassword`. In this
4034
+ # case, Amazon DocumentDB deletes the secret and uses the new password
4035
+ # for the master user specified by `MasterUserPassword`.
4036
+ #
4037
+ # @option params [String] :master_user_secret_kms_key_id
4038
+ # The Amazon Web Services KMS key identifier to encrypt a secret that is
4039
+ # automatically generated and managed in Amazon Web Services Secrets
4040
+ # Manager.
4041
+ #
4042
+ # This setting is valid only if both of the following conditions are
4043
+ # met:
4044
+ #
4045
+ # * The cluster doesn't manage the master user password in Amazon Web
4046
+ # Services Secrets Manager. If the cluster already manages the master
4047
+ # user password in Amazon Web Services Secrets Manager, you can't
4048
+ # change the KMS key that is used to encrypt the secret.
4049
+ #
4050
+ # * You are enabling `ManageMasterUserPassword` to manage the master
4051
+ # user password in Amazon Web Services Secrets Manager. If you are
4052
+ # turning on `ManageMasterUserPassword` and don't specify
4053
+ # `MasterUserSecretKmsKeyId`, then the `aws/secretsmanager` KMS key is
4054
+ # used to encrypt the secret. If the secret is in a different Amazon
4055
+ # Web Services account, then you can't use the `aws/secretsmanager`
4056
+ # KMS key to encrypt the secret, and you must use a customer managed
4057
+ # KMS key.
4058
+ #
4059
+ # The Amazon Web Services KMS key identifier is the key ARN, key ID,
4060
+ # alias ARN, or alias name for the KMS key. To use a KMS key in a
4061
+ # different Amazon Web Services account, specify the key ARN or alias
4062
+ # ARN.
4063
+ #
4064
+ # There is a default KMS key for your Amazon Web Services account. Your
4065
+ # Amazon Web Services account has a different default KMS key for each
4066
+ # Amazon Web Services Region.
4067
+ #
4068
+ # @option params [Boolean] :rotate_master_user_password
4069
+ # Specifies whether to rotate the secret managed by Amazon Web Services
4070
+ # Secrets Manager for the master user password.
4071
+ #
4072
+ # This setting is valid only if the master user password is managed by
4073
+ # Amazon DocumentDB in Amazon Web Services Secrets Manager for the
4074
+ # cluster. The secret value contains the updated password.
4075
+ #
4076
+ # Constraint: You must apply the change immediately when rotating the
4077
+ # master user password.
4078
+ #
3982
4079
  # @return [Types::ModifyDBClusterResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3983
4080
  #
3984
4081
  # * {Types::ModifyDBClusterResult#db_cluster #db_cluster} => Types::DBCluster
@@ -4004,6 +4101,9 @@ module Aws::DocDB
4004
4101
  # allow_major_version_upgrade: false,
4005
4102
  # deletion_protection: false,
4006
4103
  # storage_type: "String",
4104
+ # manage_master_user_password: false,
4105
+ # master_user_secret_kms_key_id: "String",
4106
+ # rotate_master_user_password: false,
4007
4107
  # })
4008
4108
  #
4009
4109
  # @example Response structure
@@ -4052,6 +4152,9 @@ module Aws::DocDB
4052
4152
  # resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
4053
4153
  # resp.db_cluster.deletion_protection #=> Boolean
4054
4154
  # resp.db_cluster.storage_type #=> String
4155
+ # resp.db_cluster.master_user_secret.secret_arn #=> String
4156
+ # resp.db_cluster.master_user_secret.secret_status #=> String
4157
+ # resp.db_cluster.master_user_secret.kms_key_id #=> String
4055
4158
  #
4056
4159
  # @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/ModifyDBCluster AWS API Documentation
4057
4160
  #
@@ -5127,6 +5230,9 @@ module Aws::DocDB
5127
5230
  # resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
5128
5231
  # resp.db_cluster.deletion_protection #=> Boolean
5129
5232
  # resp.db_cluster.storage_type #=> String
5233
+ # resp.db_cluster.master_user_secret.secret_arn #=> String
5234
+ # resp.db_cluster.master_user_secret.secret_status #=> String
5235
+ # resp.db_cluster.master_user_secret.kms_key_id #=> String
5130
5236
  #
5131
5237
  # @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/RestoreDBClusterFromSnapshot AWS API Documentation
5132
5238
  #
@@ -5351,6 +5457,9 @@ module Aws::DocDB
5351
5457
  # resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
5352
5458
  # resp.db_cluster.deletion_protection #=> Boolean
5353
5459
  # resp.db_cluster.storage_type #=> String
5460
+ # resp.db_cluster.master_user_secret.secret_arn #=> String
5461
+ # resp.db_cluster.master_user_secret.secret_status #=> String
5462
+ # resp.db_cluster.master_user_secret.kms_key_id #=> String
5354
5463
  #
5355
5464
  # @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/RestoreDBClusterToPointInTime AWS API Documentation
5356
5465
  #
@@ -5429,6 +5538,9 @@ module Aws::DocDB
5429
5538
  # resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
5430
5539
  # resp.db_cluster.deletion_protection #=> Boolean
5431
5540
  # resp.db_cluster.storage_type #=> String
5541
+ # resp.db_cluster.master_user_secret.secret_arn #=> String
5542
+ # resp.db_cluster.master_user_secret.secret_status #=> String
5543
+ # resp.db_cluster.master_user_secret.kms_key_id #=> String
5432
5544
  #
5433
5545
  # @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/StartDBCluster AWS API Documentation
5434
5546
  #
@@ -5507,6 +5619,9 @@ module Aws::DocDB
5507
5619
  # resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
5508
5620
  # resp.db_cluster.deletion_protection #=> Boolean
5509
5621
  # resp.db_cluster.storage_type #=> String
5622
+ # resp.db_cluster.master_user_secret.secret_arn #=> String
5623
+ # resp.db_cluster.master_user_secret.secret_status #=> String
5624
+ # resp.db_cluster.master_user_secret.kms_key_id #=> String
5510
5625
  #
5511
5626
  # @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/StopDBCluster AWS API Documentation
5512
5627
  #
@@ -5605,7 +5720,7 @@ module Aws::DocDB
5605
5720
  tracer: tracer
5606
5721
  )
5607
5722
  context[:gem_name] = 'aws-sdk-docdb'
5608
- context[:gem_version] = '1.78.0'
5723
+ context[:gem_version] = '1.80.0'
5609
5724
  Seahorse::Client::Request.new(handlers, context)
5610
5725
  end
5611
5726
 
@@ -34,6 +34,7 @@ module Aws::DocDB
34
34
  CertificateMessage = Shapes::StructureShape.new(name: 'CertificateMessage')
35
35
  CertificateNotFoundFault = Shapes::StructureShape.new(name: 'CertificateNotFoundFault', error: {"code"=>"CertificateNotFound", "httpStatusCode"=>404, "senderFault"=>true})
36
36
  CloudwatchLogsExportConfiguration = Shapes::StructureShape.new(name: 'CloudwatchLogsExportConfiguration')
37
+ ClusterMasterUserSecret = Shapes::StructureShape.new(name: 'ClusterMasterUserSecret')
37
38
  CopyDBClusterParameterGroupMessage = Shapes::StructureShape.new(name: 'CopyDBClusterParameterGroupMessage')
38
39
  CopyDBClusterParameterGroupResult = Shapes::StructureShape.new(name: 'CopyDBClusterParameterGroupResult')
39
40
  CopyDBClusterSnapshotMessage = Shapes::StructureShape.new(name: 'CopyDBClusterSnapshotMessage')
@@ -314,6 +315,11 @@ module Aws::DocDB
314
315
  CloudwatchLogsExportConfiguration.add_member(:disable_log_types, Shapes::ShapeRef.new(shape: LogTypeList, location_name: "DisableLogTypes"))
315
316
  CloudwatchLogsExportConfiguration.struct_class = Types::CloudwatchLogsExportConfiguration
316
317
 
318
+ ClusterMasterUserSecret.add_member(:secret_arn, Shapes::ShapeRef.new(shape: String, location_name: "SecretArn"))
319
+ ClusterMasterUserSecret.add_member(:secret_status, Shapes::ShapeRef.new(shape: String, location_name: "SecretStatus"))
320
+ ClusterMasterUserSecret.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: String, location_name: "KmsKeyId"))
321
+ ClusterMasterUserSecret.struct_class = Types::ClusterMasterUserSecret
322
+
317
323
  CopyDBClusterParameterGroupMessage.add_member(:source_db_cluster_parameter_group_identifier, Shapes::ShapeRef.new(shape: String, required: true, location_name: "SourceDBClusterParameterGroupIdentifier"))
318
324
  CopyDBClusterParameterGroupMessage.add_member(:target_db_cluster_parameter_group_identifier, Shapes::ShapeRef.new(shape: String, required: true, location_name: "TargetDBClusterParameterGroupIdentifier"))
319
325
  CopyDBClusterParameterGroupMessage.add_member(:target_db_cluster_parameter_group_description, Shapes::ShapeRef.new(shape: String, required: true, location_name: "TargetDBClusterParameterGroupDescription"))
@@ -356,6 +362,8 @@ module Aws::DocDB
356
362
  CreateDBClusterMessage.add_member(:deletion_protection, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "DeletionProtection"))
357
363
  CreateDBClusterMessage.add_member(:global_cluster_identifier, Shapes::ShapeRef.new(shape: GlobalClusterIdentifier, location_name: "GlobalClusterIdentifier"))
358
364
  CreateDBClusterMessage.add_member(:storage_type, Shapes::ShapeRef.new(shape: String, location_name: "StorageType"))
365
+ CreateDBClusterMessage.add_member(:manage_master_user_password, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "ManageMasterUserPassword"))
366
+ CreateDBClusterMessage.add_member(:master_user_secret_kms_key_id, Shapes::ShapeRef.new(shape: String, location_name: "MasterUserSecretKmsKeyId"))
359
367
  CreateDBClusterMessage.add_member(:source_region, Shapes::ShapeRef.new(shape: String, location_name: "SourceRegion"))
360
368
  CreateDBClusterMessage.struct_class = Types::CreateDBClusterMessage
361
369
 
@@ -463,6 +471,7 @@ module Aws::DocDB
463
471
  DBCluster.add_member(:enabled_cloudwatch_logs_exports, Shapes::ShapeRef.new(shape: LogTypeList, location_name: "EnabledCloudwatchLogsExports"))
464
472
  DBCluster.add_member(:deletion_protection, Shapes::ShapeRef.new(shape: Boolean, location_name: "DeletionProtection"))
465
473
  DBCluster.add_member(:storage_type, Shapes::ShapeRef.new(shape: String, location_name: "StorageType"))
474
+ DBCluster.add_member(:master_user_secret, Shapes::ShapeRef.new(shape: ClusterMasterUserSecret, location_name: "MasterUserSecret"))
466
475
  DBCluster.struct_class = Types::DBCluster
467
476
 
468
477
  DBClusterAlreadyExistsFault.struct_class = Types::DBClusterAlreadyExistsFault
@@ -981,6 +990,9 @@ module Aws::DocDB
981
990
  ModifyDBClusterMessage.add_member(:allow_major_version_upgrade, Shapes::ShapeRef.new(shape: Boolean, location_name: "AllowMajorVersionUpgrade"))
982
991
  ModifyDBClusterMessage.add_member(:deletion_protection, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "DeletionProtection"))
983
992
  ModifyDBClusterMessage.add_member(:storage_type, Shapes::ShapeRef.new(shape: String, location_name: "StorageType"))
993
+ ModifyDBClusterMessage.add_member(:manage_master_user_password, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "ManageMasterUserPassword"))
994
+ ModifyDBClusterMessage.add_member(:master_user_secret_kms_key_id, Shapes::ShapeRef.new(shape: String, location_name: "MasterUserSecretKmsKeyId"))
995
+ ModifyDBClusterMessage.add_member(:rotate_master_user_password, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "RotateMasterUserPassword"))
984
996
  ModifyDBClusterMessage.struct_class = Types::ModifyDBClusterMessage
985
997
 
986
998
  ModifyDBClusterParameterGroupMessage.add_member(:db_cluster_parameter_group_name, Shapes::ShapeRef.new(shape: String, required: true, location_name: "DBClusterParameterGroupName"))
@@ -279,6 +279,51 @@ module Aws::DocDB
279
279
  include Aws::Structure
280
280
  end
281
281
 
282
+ # Contains the secret managed by Amazon DocumentDB in Amazon Web
283
+ # Services Secrets Manager for the master user password.
284
+ #
285
+ # @!attribute [rw] secret_arn
286
+ # The Amazon Resource Name (ARN) of the secret.
287
+ # @return [String]
288
+ #
289
+ # @!attribute [rw] secret_status
290
+ # The status of the secret.
291
+ #
292
+ # The possible status values include the following:
293
+ #
294
+ # * creating - The secret is being created.
295
+ #
296
+ # * active - The secret is available for normal use and rotation.
297
+ #
298
+ # * rotating - The secret is being rotated.
299
+ #
300
+ # * impaired - The secret can be used to access database credentials,
301
+ # but it can't be rotated. A secret might have this status if, for
302
+ # example, permissions are changed so that Amazon DocumentDB can no
303
+ # longer access either the secret or the KMS key for the secret.
304
+ #
305
+ # When a secret has this status, you can correct the condition that
306
+ # caused the status. Alternatively, modify the instance to turn off
307
+ # automatic management of database credentials, and then modify the
308
+ # instance again to turn on automatic management of database
309
+ # credentials.
310
+ # @return [String]
311
+ #
312
+ # @!attribute [rw] kms_key_id
313
+ # The Amazon Web Services KMS key identifier that is used to encrypt
314
+ # the secret.
315
+ # @return [String]
316
+ #
317
+ # @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/ClusterMasterUserSecret AWS API Documentation
318
+ #
319
+ class ClusterMasterUserSecret < Struct.new(
320
+ :secret_arn,
321
+ :secret_status,
322
+ :kms_key_id)
323
+ SENSITIVE = []
324
+ include Aws::Structure
325
+ end
326
+
282
327
  # Represents the input to CopyDBClusterParameterGroup.
283
328
  #
284
329
  # @!attribute [rw] source_db_cluster_parameter_group_identifier
@@ -686,6 +731,37 @@ module Aws::DocDB
686
731
  # </note>
687
732
  # @return [String]
688
733
  #
734
+ # @!attribute [rw] manage_master_user_password
735
+ # Specifies whether to manage the master user password with Amazon Web
736
+ # Services Secrets Manager.
737
+ #
738
+ # Constraint: You can't manage the master user password with Amazon
739
+ # Web Services Secrets Manager if `MasterUserPassword` is specified.
740
+ # @return [Boolean]
741
+ #
742
+ # @!attribute [rw] master_user_secret_kms_key_id
743
+ # The Amazon Web Services KMS key identifier to encrypt a secret that
744
+ # is automatically generated and managed in Amazon Web Services
745
+ # Secrets Manager. This setting is valid only if the master user
746
+ # password is managed by Amazon DocumentDB in Amazon Web Services
747
+ # Secrets Manager for the DB cluster.
748
+ #
749
+ # The Amazon Web Services KMS key identifier is the key ARN, key ID,
750
+ # alias ARN, or alias name for the KMS key. To use a KMS key in a
751
+ # different Amazon Web Services account, specify the key ARN or alias
752
+ # ARN.
753
+ #
754
+ # If you don't specify `MasterUserSecretKmsKeyId`, then the
755
+ # `aws/secretsmanager` KMS key is used to encrypt the secret. If the
756
+ # secret is in a different Amazon Web Services account, then you
757
+ # can't use the `aws/secretsmanager` KMS key to encrypt the secret,
758
+ # and you must use a customer managed KMS key.
759
+ #
760
+ # There is a default KMS key for your Amazon Web Services account.
761
+ # Your Amazon Web Services account has a different default KMS key for
762
+ # each Amazon Web Services Region.
763
+ # @return [String]
764
+ #
689
765
  # @!attribute [rw] source_region
690
766
  # The source region of the snapshot. This is only needed when the
691
767
  # shapshot is encrypted and in a different region.
@@ -715,6 +791,8 @@ module Aws::DocDB
715
791
  :deletion_protection,
716
792
  :global_cluster_identifier,
717
793
  :storage_type,
794
+ :manage_master_user_password,
795
+ :master_user_secret_kms_key_id,
718
796
  :source_region)
719
797
  SENSITIVE = []
720
798
  include Aws::Structure
@@ -1373,6 +1451,11 @@ module Aws::DocDB
1373
1451
  # Default value is `standard `
1374
1452
  # @return [String]
1375
1453
  #
1454
+ # @!attribute [rw] master_user_secret
1455
+ # The secret managed by Amazon DocumentDB in Amazon Web Services
1456
+ # Secrets Manager for the master user password.
1457
+ # @return [Types::ClusterMasterUserSecret]
1458
+ #
1376
1459
  # @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/DBCluster AWS API Documentation
1377
1460
  #
1378
1461
  class DBCluster < Struct.new(
@@ -1408,7 +1491,8 @@ module Aws::DocDB
1408
1491
  :cluster_create_time,
1409
1492
  :enabled_cloudwatch_logs_exports,
1410
1493
  :deletion_protection,
1411
- :storage_type)
1494
+ :storage_type,
1495
+ :master_user_secret)
1412
1496
  SENSITIVE = []
1413
1497
  include Aws::Structure
1414
1498
  end
@@ -4228,6 +4312,64 @@ module Aws::DocDB
4228
4312
  # Default value is `standard `
4229
4313
  # @return [String]
4230
4314
  #
4315
+ # @!attribute [rw] manage_master_user_password
4316
+ # Specifies whether to manage the master user password with Amazon Web
4317
+ # Services Secrets Manager. If the cluster doesn't manage the master
4318
+ # user password with Amazon Web Services Secrets Manager, you can turn
4319
+ # on this management. In this case, you can't specify
4320
+ # `MasterUserPassword`. If the cluster already manages the master user
4321
+ # password with Amazon Web Services Secrets Manager, and you specify
4322
+ # that the master user password is not managed with Amazon Web
4323
+ # Services Secrets Manager, then you must specify
4324
+ # `MasterUserPassword`. In this case, Amazon DocumentDB deletes the
4325
+ # secret and uses the new password for the master user specified by
4326
+ # `MasterUserPassword`.
4327
+ # @return [Boolean]
4328
+ #
4329
+ # @!attribute [rw] master_user_secret_kms_key_id
4330
+ # The Amazon Web Services KMS key identifier to encrypt a secret that
4331
+ # is automatically generated and managed in Amazon Web Services
4332
+ # Secrets Manager.
4333
+ #
4334
+ # This setting is valid only if both of the following conditions are
4335
+ # met:
4336
+ #
4337
+ # * The cluster doesn't manage the master user password in Amazon Web
4338
+ # Services Secrets Manager. If the cluster already manages the
4339
+ # master user password in Amazon Web Services Secrets Manager, you
4340
+ # can't change the KMS key that is used to encrypt the secret.
4341
+ #
4342
+ # * You are enabling `ManageMasterUserPassword` to manage the master
4343
+ # user password in Amazon Web Services Secrets Manager. If you are
4344
+ # turning on `ManageMasterUserPassword` and don't specify
4345
+ # `MasterUserSecretKmsKeyId`, then the `aws/secretsmanager` KMS key
4346
+ # is used to encrypt the secret. If the secret is in a different
4347
+ # Amazon Web Services account, then you can't use the
4348
+ # `aws/secretsmanager` KMS key to encrypt the secret, and you must
4349
+ # use a customer managed KMS key.
4350
+ #
4351
+ # The Amazon Web Services KMS key identifier is the key ARN, key ID,
4352
+ # alias ARN, or alias name for the KMS key. To use a KMS key in a
4353
+ # different Amazon Web Services account, specify the key ARN or alias
4354
+ # ARN.
4355
+ #
4356
+ # There is a default KMS key for your Amazon Web Services account.
4357
+ # Your Amazon Web Services account has a different default KMS key for
4358
+ # each Amazon Web Services Region.
4359
+ # @return [String]
4360
+ #
4361
+ # @!attribute [rw] rotate_master_user_password
4362
+ # Specifies whether to rotate the secret managed by Amazon Web
4363
+ # Services Secrets Manager for the master user password.
4364
+ #
4365
+ # This setting is valid only if the master user password is managed by
4366
+ # Amazon DocumentDB in Amazon Web Services Secrets Manager for the
4367
+ # cluster. The secret value contains the updated password.
4368
+ #
4369
+ # Constraint: You must apply the change immediately when rotating the
4370
+ # master user password.
4371
+ # @return [Boolean]
4372
+ #
4231
4373
  # @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/ModifyDBClusterMessage AWS API Documentation
4232
4374
  #
4233
4375
  class ModifyDBClusterMessage < Struct.new(
@@ -4245,7 +4387,10 @@ module Aws::DocDB
4245
4387
  :engine_version,
4246
4388
  :allow_major_version_upgrade,
4247
4389
  :deletion_protection,
4248
- :storage_type)
4390
+ :storage_type,
4391
+ :manage_master_user_password,
4392
+ :master_user_secret_kms_key_id,
4393
+ :rotate_master_user_password)
4249
4394
  SENSITIVE = []
4250
4395
  include Aws::Structure
4251
4396
  end
@@ -5732,7 +5877,7 @@ module Aws::DocDB
5732
5877
  # or "`rds:`". The string can contain only the set of Unicode
5733
5878
  # letters, digits, white space, '\_', '.', '/', '=', '+',
5734
5879
  # '-' (Java regex:
5735
- # "^(\[\\\\p\\\{L\\}\\\\p\\\{Z\\}\\\\p\\\{N\\}\_.:/=+\\\\-\]*)$").
5880
+ # "^(\[\\\\p\{L}\\\\p\{Z}\\\\p\{N}\_.:/=+\\\\-\]*)$").
5736
5881
  # @return [String]
5737
5882
  #
5738
5883
  # @!attribute [rw] value
@@ -5741,7 +5886,7 @@ module Aws::DocDB
5741
5886
  # or "`rds:`". The string can contain only the set of Unicode
5742
5887
  # letters, digits, white space, '\_', '.', '/', '=', '+',
5743
5888
  # '-' (Java regex:
5744
- # "^(\[\\\\p\\\{L\\}\\\\p\\\{Z\\}\\\\p\\\{N\\}\_.:/=+\\\\-\]*)$").
5889
+ # "^(\[\\\\p\{L}\\\\p\{Z}\\\\p\{N}\_.:/=+\\\\-\]*)$").
5745
5890
  # @return [String]
5746
5891
  #
5747
5892
  # @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/Tag AWS API Documentation
data/lib/aws-sdk-docdb.rb CHANGED
@@ -55,7 +55,7 @@ module Aws::DocDB
55
55
  autoload :EndpointProvider, 'aws-sdk-docdb/endpoint_provider'
56
56
  autoload :Endpoints, 'aws-sdk-docdb/endpoints'
57
57
 
58
- GEM_VERSION = '1.78.0'
58
+ GEM_VERSION = '1.80.0'
59
59
 
60
60
  end
61
61
 
data/sig/client.rbs CHANGED
@@ -181,6 +181,8 @@ module Aws
181
181
  ?deletion_protection: bool,
182
182
  ?global_cluster_identifier: ::String,
183
183
  ?storage_type: ::String,
184
+ ?manage_master_user_password: bool,
185
+ ?master_user_secret_kms_key_id: ::String,
184
186
  ?source_region: ::String
185
187
  ) -> _CreateDBClusterResponseSuccess
186
188
  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _CreateDBClusterResponseSuccess
@@ -739,7 +741,10 @@ module Aws
739
741
  ?engine_version: ::String,
740
742
  ?allow_major_version_upgrade: bool,
741
743
  ?deletion_protection: bool,
742
- ?storage_type: ::String
744
+ ?storage_type: ::String,
745
+ ?manage_master_user_password: bool,
746
+ ?master_user_secret_kms_key_id: ::String,
747
+ ?rotate_master_user_password: bool
743
748
  ) -> _ModifyDBClusterResponseSuccess
744
749
  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ModifyDBClusterResponseSuccess
745
750
 
data/sig/types.rbs CHANGED
@@ -76,6 +76,13 @@ module Aws::DocDB
76
76
  SENSITIVE: []
77
77
  end
78
78
 
79
+ class ClusterMasterUserSecret
80
+ attr_accessor secret_arn: ::String
81
+ attr_accessor secret_status: ::String
82
+ attr_accessor kms_key_id: ::String
83
+ SENSITIVE: []
84
+ end
85
+
79
86
  class CopyDBClusterParameterGroupMessage
80
87
  attr_accessor source_db_cluster_parameter_group_identifier: ::String
81
88
  attr_accessor target_db_cluster_parameter_group_identifier: ::String
@@ -127,6 +134,8 @@ module Aws::DocDB
127
134
  attr_accessor deletion_protection: bool
128
135
  attr_accessor global_cluster_identifier: ::String
129
136
  attr_accessor storage_type: ::String
137
+ attr_accessor manage_master_user_password: bool
138
+ attr_accessor master_user_secret_kms_key_id: ::String
130
139
  attr_accessor source_region: ::String
131
140
  SENSITIVE: []
132
141
  end
@@ -262,6 +271,7 @@ module Aws::DocDB
262
271
  attr_accessor enabled_cloudwatch_logs_exports: ::Array[::String]
263
272
  attr_accessor deletion_protection: bool
264
273
  attr_accessor storage_type: ::String
274
+ attr_accessor master_user_secret: Types::ClusterMasterUserSecret
265
275
  SENSITIVE: []
266
276
  end
267
277
 
@@ -914,6 +924,9 @@ module Aws::DocDB
914
924
  attr_accessor allow_major_version_upgrade: bool
915
925
  attr_accessor deletion_protection: bool
916
926
  attr_accessor storage_type: ::String
927
+ attr_accessor manage_master_user_password: bool
928
+ attr_accessor master_user_secret_kms_key_id: ::String
929
+ attr_accessor rotate_master_user_password: bool
917
930
  SENSITIVE: []
918
931
  end
919
932
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-docdb
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.78.0
4
+ version: 1.80.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-10-18 00:00:00.000000000 Z
11
+ date: 2024-12-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core