aws-sdk-docdb 1.78.0 → 1.80.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-docdb/client.rb +116 -1
- data/lib/aws-sdk-docdb/client_api.rb +12 -0
- data/lib/aws-sdk-docdb/types.rb +149 -4
- data/lib/aws-sdk-docdb.rb +1 -1
- data/sig/client.rbs +6 -1
- data/sig/types.rbs +13 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 742046cd971eeccf0ea92a34fb84c90c8b150b93aba710ec3588425dc6ff25a4
|
4
|
+
data.tar.gz: ecef8308ca532ae813f04dd82ac947f673e450328e6d73c4d0c9ce25feb2eecd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 15750b4b49d3e1ef0f5f1592b3850752cfcdd7c355ed406abd20a653f78919ac83d71fe4340545029d10185da3a909c91d2b39ee842d1ccc476e7ec0093a938c
|
7
|
+
data.tar.gz: 810dcf9fde683c79379705276e98fab7dd7c9ad087da0ca4fab0d7ce3216ac18ac2733a0262f0be39416315c5fb3ebfd9d257ad30fb7f58cab909cf7d9c73b2e
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,16 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.80.0 (2024-12-20)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Support AWS Secret Manager managed password for AWS DocumentDB instance-based cluster.
|
8
|
+
|
9
|
+
1.79.0 (2024-11-06)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
13
|
+
|
4
14
|
1.78.0 (2024-10-18)
|
5
15
|
------------------
|
6
16
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.80.0
|
data/lib/aws-sdk-docdb/client.rb
CHANGED
@@ -1020,6 +1020,35 @@ module Aws::DocDB
|
|
1020
1020
|
#
|
1021
1021
|
# </note>
|
1022
1022
|
#
|
1023
|
+
# @option params [Boolean] :manage_master_user_password
|
1024
|
+
# Specifies whether to manage the master user password with Amazon Web
|
1025
|
+
# Services Secrets Manager.
|
1026
|
+
#
|
1027
|
+
# Constraint: You can't manage the master user password with Amazon Web
|
1028
|
+
# Services Secrets Manager if `MasterUserPassword` is specified.
|
1029
|
+
#
|
1030
|
+
# @option params [String] :master_user_secret_kms_key_id
|
1031
|
+
# The Amazon Web Services KMS key identifier to encrypt a secret that is
|
1032
|
+
# automatically generated and managed in Amazon Web Services Secrets
|
1033
|
+
# Manager. This setting is valid only if the master user password is
|
1034
|
+
# managed by Amazon DocumentDB in Amazon Web Services Secrets Manager
|
1035
|
+
# for the DB cluster.
|
1036
|
+
#
|
1037
|
+
# The Amazon Web Services KMS key identifier is the key ARN, key ID,
|
1038
|
+
# alias ARN, or alias name for the KMS key. To use a KMS key in a
|
1039
|
+
# different Amazon Web Services account, specify the key ARN or alias
|
1040
|
+
# ARN.
|
1041
|
+
#
|
1042
|
+
# If you don't specify `MasterUserSecretKmsKeyId`, then the
|
1043
|
+
# `aws/secretsmanager` KMS key is used to encrypt the secret. If the
|
1044
|
+
# secret is in a different Amazon Web Services account, then you can't
|
1045
|
+
# use the `aws/secretsmanager` KMS key to encrypt the secret, and you
|
1046
|
+
# must use a customer managed KMS key.
|
1047
|
+
#
|
1048
|
+
# There is a default KMS key for your Amazon Web Services account. Your
|
1049
|
+
# Amazon Web Services account has a different default KMS key for each
|
1050
|
+
# Amazon Web Services Region.
|
1051
|
+
#
|
1023
1052
|
# @option params [String] :source_region
|
1024
1053
|
# The source region of the snapshot. This is only needed when the
|
1025
1054
|
# shapshot is encrypted and in a different region.
|
@@ -1057,6 +1086,8 @@ module Aws::DocDB
|
|
1057
1086
|
# deletion_protection: false,
|
1058
1087
|
# global_cluster_identifier: "GlobalClusterIdentifier",
|
1059
1088
|
# storage_type: "String",
|
1089
|
+
# manage_master_user_password: false,
|
1090
|
+
# master_user_secret_kms_key_id: "String",
|
1060
1091
|
# source_region: "String",
|
1061
1092
|
# })
|
1062
1093
|
#
|
@@ -1106,6 +1137,9 @@ module Aws::DocDB
|
|
1106
1137
|
# resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
|
1107
1138
|
# resp.db_cluster.deletion_protection #=> Boolean
|
1108
1139
|
# resp.db_cluster.storage_type #=> String
|
1140
|
+
# resp.db_cluster.master_user_secret.secret_arn #=> String
|
1141
|
+
# resp.db_cluster.master_user_secret.secret_status #=> String
|
1142
|
+
# resp.db_cluster.master_user_secret.kms_key_id #=> String
|
1109
1143
|
#
|
1110
1144
|
# @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/CreateDBCluster AWS API Documentation
|
1111
1145
|
#
|
@@ -1858,6 +1892,9 @@ module Aws::DocDB
|
|
1858
1892
|
# resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
|
1859
1893
|
# resp.db_cluster.deletion_protection #=> Boolean
|
1860
1894
|
# resp.db_cluster.storage_type #=> String
|
1895
|
+
# resp.db_cluster.master_user_secret.secret_arn #=> String
|
1896
|
+
# resp.db_cluster.master_user_secret.secret_status #=> String
|
1897
|
+
# resp.db_cluster.master_user_secret.kms_key_id #=> String
|
1861
1898
|
#
|
1862
1899
|
# @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/DeleteDBCluster AWS API Documentation
|
1863
1900
|
#
|
@@ -2706,6 +2743,9 @@ module Aws::DocDB
|
|
2706
2743
|
# resp.db_clusters[0].enabled_cloudwatch_logs_exports[0] #=> String
|
2707
2744
|
# resp.db_clusters[0].deletion_protection #=> Boolean
|
2708
2745
|
# resp.db_clusters[0].storage_type #=> String
|
2746
|
+
# resp.db_clusters[0].master_user_secret.secret_arn #=> String
|
2747
|
+
# resp.db_clusters[0].master_user_secret.secret_status #=> String
|
2748
|
+
# resp.db_clusters[0].master_user_secret.kms_key_id #=> String
|
2709
2749
|
#
|
2710
2750
|
# @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/DescribeDBClusters AWS API Documentation
|
2711
2751
|
#
|
@@ -3676,6 +3716,9 @@ module Aws::DocDB
|
|
3676
3716
|
# resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
|
3677
3717
|
# resp.db_cluster.deletion_protection #=> Boolean
|
3678
3718
|
# resp.db_cluster.storage_type #=> String
|
3719
|
+
# resp.db_cluster.master_user_secret.secret_arn #=> String
|
3720
|
+
# resp.db_cluster.master_user_secret.secret_status #=> String
|
3721
|
+
# resp.db_cluster.master_user_secret.kms_key_id #=> String
|
3679
3722
|
#
|
3680
3723
|
# @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/FailoverDBCluster AWS API Documentation
|
3681
3724
|
#
|
@@ -3979,6 +4022,60 @@ module Aws::DocDB
|
|
3979
4022
|
#
|
3980
4023
|
# Default value is `standard `
|
3981
4024
|
#
|
4025
|
+
# @option params [Boolean] :manage_master_user_password
|
4026
|
+
# Specifies whether to manage the master user password with Amazon Web
|
4027
|
+
# Services Secrets Manager. If the cluster doesn't manage the master
|
4028
|
+
# user password with Amazon Web Services Secrets Manager, you can turn
|
4029
|
+
# on this management. In this case, you can't specify
|
4030
|
+
# `MasterUserPassword`. If the cluster already manages the master user
|
4031
|
+
# password with Amazon Web Services Secrets Manager, and you specify
|
4032
|
+
# that the master user password is not managed with Amazon Web Services
|
4033
|
+
# Secrets Manager, then you must specify `MasterUserPassword`. In this
|
4034
|
+
# case, Amazon DocumentDB deletes the secret and uses the new password
|
4035
|
+
# for the master user specified by `MasterUserPassword`.
|
4036
|
+
#
|
4037
|
+
# @option params [String] :master_user_secret_kms_key_id
|
4038
|
+
# The Amazon Web Services KMS key identifier to encrypt a secret that is
|
4039
|
+
# automatically generated and managed in Amazon Web Services Secrets
|
4040
|
+
# Manager.
|
4041
|
+
#
|
4042
|
+
# This setting is valid only if both of the following conditions are
|
4043
|
+
# met:
|
4044
|
+
#
|
4045
|
+
# * The cluster doesn't manage the master user password in Amazon Web
|
4046
|
+
# Services Secrets Manager. If the cluster already manages the master
|
4047
|
+
# user password in Amazon Web Services Secrets Manager, you can't
|
4048
|
+
# change the KMS key that is used to encrypt the secret.
|
4049
|
+
#
|
4050
|
+
# * You are enabling `ManageMasterUserPassword` to manage the master
|
4051
|
+
# user password in Amazon Web Services Secrets Manager. If you are
|
4052
|
+
# turning on `ManageMasterUserPassword` and don't specify
|
4053
|
+
# `MasterUserSecretKmsKeyId`, then the `aws/secretsmanager` KMS key is
|
4054
|
+
# used to encrypt the secret. If the secret is in a different Amazon
|
4055
|
+
# Web Services account, then you can't use the `aws/secretsmanager`
|
4056
|
+
# KMS key to encrypt the secret, and you must use a customer managed
|
4057
|
+
# KMS key.
|
4058
|
+
#
|
4059
|
+
# The Amazon Web Services KMS key identifier is the key ARN, key ID,
|
4060
|
+
# alias ARN, or alias name for the KMS key. To use a KMS key in a
|
4061
|
+
# different Amazon Web Services account, specify the key ARN or alias
|
4062
|
+
# ARN.
|
4063
|
+
#
|
4064
|
+
# There is a default KMS key for your Amazon Web Services account. Your
|
4065
|
+
# Amazon Web Services account has a different default KMS key for each
|
4066
|
+
# Amazon Web Services Region.
|
4067
|
+
#
|
4068
|
+
# @option params [Boolean] :rotate_master_user_password
|
4069
|
+
# Specifies whether to rotate the secret managed by Amazon Web Services
|
4070
|
+
# Secrets Manager for the master user password.
|
4071
|
+
#
|
4072
|
+
# This setting is valid only if the master user password is managed by
|
4073
|
+
# Amazon DocumentDB in Amazon Web Services Secrets Manager for the
|
4074
|
+
# cluster. The secret value contains the updated password.
|
4075
|
+
#
|
4076
|
+
# Constraint: You must apply the change immediately when rotating the
|
4077
|
+
# master user password.
|
4078
|
+
#
|
3982
4079
|
# @return [Types::ModifyDBClusterResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
3983
4080
|
#
|
3984
4081
|
# * {Types::ModifyDBClusterResult#db_cluster #db_cluster} => Types::DBCluster
|
@@ -4004,6 +4101,9 @@ module Aws::DocDB
|
|
4004
4101
|
# allow_major_version_upgrade: false,
|
4005
4102
|
# deletion_protection: false,
|
4006
4103
|
# storage_type: "String",
|
4104
|
+
# manage_master_user_password: false,
|
4105
|
+
# master_user_secret_kms_key_id: "String",
|
4106
|
+
# rotate_master_user_password: false,
|
4007
4107
|
# })
|
4008
4108
|
#
|
4009
4109
|
# @example Response structure
|
@@ -4052,6 +4152,9 @@ module Aws::DocDB
|
|
4052
4152
|
# resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
|
4053
4153
|
# resp.db_cluster.deletion_protection #=> Boolean
|
4054
4154
|
# resp.db_cluster.storage_type #=> String
|
4155
|
+
# resp.db_cluster.master_user_secret.secret_arn #=> String
|
4156
|
+
# resp.db_cluster.master_user_secret.secret_status #=> String
|
4157
|
+
# resp.db_cluster.master_user_secret.kms_key_id #=> String
|
4055
4158
|
#
|
4056
4159
|
# @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/ModifyDBCluster AWS API Documentation
|
4057
4160
|
#
|
@@ -5127,6 +5230,9 @@ module Aws::DocDB
|
|
5127
5230
|
# resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
|
5128
5231
|
# resp.db_cluster.deletion_protection #=> Boolean
|
5129
5232
|
# resp.db_cluster.storage_type #=> String
|
5233
|
+
# resp.db_cluster.master_user_secret.secret_arn #=> String
|
5234
|
+
# resp.db_cluster.master_user_secret.secret_status #=> String
|
5235
|
+
# resp.db_cluster.master_user_secret.kms_key_id #=> String
|
5130
5236
|
#
|
5131
5237
|
# @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/RestoreDBClusterFromSnapshot AWS API Documentation
|
5132
5238
|
#
|
@@ -5351,6 +5457,9 @@ module Aws::DocDB
|
|
5351
5457
|
# resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
|
5352
5458
|
# resp.db_cluster.deletion_protection #=> Boolean
|
5353
5459
|
# resp.db_cluster.storage_type #=> String
|
5460
|
+
# resp.db_cluster.master_user_secret.secret_arn #=> String
|
5461
|
+
# resp.db_cluster.master_user_secret.secret_status #=> String
|
5462
|
+
# resp.db_cluster.master_user_secret.kms_key_id #=> String
|
5354
5463
|
#
|
5355
5464
|
# @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/RestoreDBClusterToPointInTime AWS API Documentation
|
5356
5465
|
#
|
@@ -5429,6 +5538,9 @@ module Aws::DocDB
|
|
5429
5538
|
# resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
|
5430
5539
|
# resp.db_cluster.deletion_protection #=> Boolean
|
5431
5540
|
# resp.db_cluster.storage_type #=> String
|
5541
|
+
# resp.db_cluster.master_user_secret.secret_arn #=> String
|
5542
|
+
# resp.db_cluster.master_user_secret.secret_status #=> String
|
5543
|
+
# resp.db_cluster.master_user_secret.kms_key_id #=> String
|
5432
5544
|
#
|
5433
5545
|
# @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/StartDBCluster AWS API Documentation
|
5434
5546
|
#
|
@@ -5507,6 +5619,9 @@ module Aws::DocDB
|
|
5507
5619
|
# resp.db_cluster.enabled_cloudwatch_logs_exports[0] #=> String
|
5508
5620
|
# resp.db_cluster.deletion_protection #=> Boolean
|
5509
5621
|
# resp.db_cluster.storage_type #=> String
|
5622
|
+
# resp.db_cluster.master_user_secret.secret_arn #=> String
|
5623
|
+
# resp.db_cluster.master_user_secret.secret_status #=> String
|
5624
|
+
# resp.db_cluster.master_user_secret.kms_key_id #=> String
|
5510
5625
|
#
|
5511
5626
|
# @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/StopDBCluster AWS API Documentation
|
5512
5627
|
#
|
@@ -5605,7 +5720,7 @@ module Aws::DocDB
|
|
5605
5720
|
tracer: tracer
|
5606
5721
|
)
|
5607
5722
|
context[:gem_name] = 'aws-sdk-docdb'
|
5608
|
-
context[:gem_version] = '1.
|
5723
|
+
context[:gem_version] = '1.80.0'
|
5609
5724
|
Seahorse::Client::Request.new(handlers, context)
|
5610
5725
|
end
|
5611
5726
|
|
@@ -34,6 +34,7 @@ module Aws::DocDB
|
|
34
34
|
CertificateMessage = Shapes::StructureShape.new(name: 'CertificateMessage')
|
35
35
|
CertificateNotFoundFault = Shapes::StructureShape.new(name: 'CertificateNotFoundFault', error: {"code"=>"CertificateNotFound", "httpStatusCode"=>404, "senderFault"=>true})
|
36
36
|
CloudwatchLogsExportConfiguration = Shapes::StructureShape.new(name: 'CloudwatchLogsExportConfiguration')
|
37
|
+
ClusterMasterUserSecret = Shapes::StructureShape.new(name: 'ClusterMasterUserSecret')
|
37
38
|
CopyDBClusterParameterGroupMessage = Shapes::StructureShape.new(name: 'CopyDBClusterParameterGroupMessage')
|
38
39
|
CopyDBClusterParameterGroupResult = Shapes::StructureShape.new(name: 'CopyDBClusterParameterGroupResult')
|
39
40
|
CopyDBClusterSnapshotMessage = Shapes::StructureShape.new(name: 'CopyDBClusterSnapshotMessage')
|
@@ -314,6 +315,11 @@ module Aws::DocDB
|
|
314
315
|
CloudwatchLogsExportConfiguration.add_member(:disable_log_types, Shapes::ShapeRef.new(shape: LogTypeList, location_name: "DisableLogTypes"))
|
315
316
|
CloudwatchLogsExportConfiguration.struct_class = Types::CloudwatchLogsExportConfiguration
|
316
317
|
|
318
|
+
ClusterMasterUserSecret.add_member(:secret_arn, Shapes::ShapeRef.new(shape: String, location_name: "SecretArn"))
|
319
|
+
ClusterMasterUserSecret.add_member(:secret_status, Shapes::ShapeRef.new(shape: String, location_name: "SecretStatus"))
|
320
|
+
ClusterMasterUserSecret.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: String, location_name: "KmsKeyId"))
|
321
|
+
ClusterMasterUserSecret.struct_class = Types::ClusterMasterUserSecret
|
322
|
+
|
317
323
|
CopyDBClusterParameterGroupMessage.add_member(:source_db_cluster_parameter_group_identifier, Shapes::ShapeRef.new(shape: String, required: true, location_name: "SourceDBClusterParameterGroupIdentifier"))
|
318
324
|
CopyDBClusterParameterGroupMessage.add_member(:target_db_cluster_parameter_group_identifier, Shapes::ShapeRef.new(shape: String, required: true, location_name: "TargetDBClusterParameterGroupIdentifier"))
|
319
325
|
CopyDBClusterParameterGroupMessage.add_member(:target_db_cluster_parameter_group_description, Shapes::ShapeRef.new(shape: String, required: true, location_name: "TargetDBClusterParameterGroupDescription"))
|
@@ -356,6 +362,8 @@ module Aws::DocDB
|
|
356
362
|
CreateDBClusterMessage.add_member(:deletion_protection, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "DeletionProtection"))
|
357
363
|
CreateDBClusterMessage.add_member(:global_cluster_identifier, Shapes::ShapeRef.new(shape: GlobalClusterIdentifier, location_name: "GlobalClusterIdentifier"))
|
358
364
|
CreateDBClusterMessage.add_member(:storage_type, Shapes::ShapeRef.new(shape: String, location_name: "StorageType"))
|
365
|
+
CreateDBClusterMessage.add_member(:manage_master_user_password, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "ManageMasterUserPassword"))
|
366
|
+
CreateDBClusterMessage.add_member(:master_user_secret_kms_key_id, Shapes::ShapeRef.new(shape: String, location_name: "MasterUserSecretKmsKeyId"))
|
359
367
|
CreateDBClusterMessage.add_member(:source_region, Shapes::ShapeRef.new(shape: String, location_name: "SourceRegion"))
|
360
368
|
CreateDBClusterMessage.struct_class = Types::CreateDBClusterMessage
|
361
369
|
|
@@ -463,6 +471,7 @@ module Aws::DocDB
|
|
463
471
|
DBCluster.add_member(:enabled_cloudwatch_logs_exports, Shapes::ShapeRef.new(shape: LogTypeList, location_name: "EnabledCloudwatchLogsExports"))
|
464
472
|
DBCluster.add_member(:deletion_protection, Shapes::ShapeRef.new(shape: Boolean, location_name: "DeletionProtection"))
|
465
473
|
DBCluster.add_member(:storage_type, Shapes::ShapeRef.new(shape: String, location_name: "StorageType"))
|
474
|
+
DBCluster.add_member(:master_user_secret, Shapes::ShapeRef.new(shape: ClusterMasterUserSecret, location_name: "MasterUserSecret"))
|
466
475
|
DBCluster.struct_class = Types::DBCluster
|
467
476
|
|
468
477
|
DBClusterAlreadyExistsFault.struct_class = Types::DBClusterAlreadyExistsFault
|
@@ -981,6 +990,9 @@ module Aws::DocDB
|
|
981
990
|
ModifyDBClusterMessage.add_member(:allow_major_version_upgrade, Shapes::ShapeRef.new(shape: Boolean, location_name: "AllowMajorVersionUpgrade"))
|
982
991
|
ModifyDBClusterMessage.add_member(:deletion_protection, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "DeletionProtection"))
|
983
992
|
ModifyDBClusterMessage.add_member(:storage_type, Shapes::ShapeRef.new(shape: String, location_name: "StorageType"))
|
993
|
+
ModifyDBClusterMessage.add_member(:manage_master_user_password, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "ManageMasterUserPassword"))
|
994
|
+
ModifyDBClusterMessage.add_member(:master_user_secret_kms_key_id, Shapes::ShapeRef.new(shape: String, location_name: "MasterUserSecretKmsKeyId"))
|
995
|
+
ModifyDBClusterMessage.add_member(:rotate_master_user_password, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "RotateMasterUserPassword"))
|
984
996
|
ModifyDBClusterMessage.struct_class = Types::ModifyDBClusterMessage
|
985
997
|
|
986
998
|
ModifyDBClusterParameterGroupMessage.add_member(:db_cluster_parameter_group_name, Shapes::ShapeRef.new(shape: String, required: true, location_name: "DBClusterParameterGroupName"))
|
data/lib/aws-sdk-docdb/types.rb
CHANGED
@@ -279,6 +279,51 @@ module Aws::DocDB
|
|
279
279
|
include Aws::Structure
|
280
280
|
end
|
281
281
|
|
282
|
+
# Contains the secret managed by Amazon DocumentDB in Amazon Web
|
283
|
+
# Services Secrets Manager for the master user password.
|
284
|
+
#
|
285
|
+
# @!attribute [rw] secret_arn
|
286
|
+
# The Amazon Resource Name (ARN) of the secret.
|
287
|
+
# @return [String]
|
288
|
+
#
|
289
|
+
# @!attribute [rw] secret_status
|
290
|
+
# The status of the secret.
|
291
|
+
#
|
292
|
+
# The possible status values include the following:
|
293
|
+
#
|
294
|
+
# * creating - The secret is being created.
|
295
|
+
#
|
296
|
+
# * active - The secret is available for normal use and rotation.
|
297
|
+
#
|
298
|
+
# * rotating - The secret is being rotated.
|
299
|
+
#
|
300
|
+
# * impaired - The secret can be used to access database credentials,
|
301
|
+
# but it can't be rotated. A secret might have this status if, for
|
302
|
+
# example, permissions are changed so that Amazon DocumentDB can no
|
303
|
+
# longer access either the secret or the KMS key for the secret.
|
304
|
+
#
|
305
|
+
# When a secret has this status, you can correct the condition that
|
306
|
+
# caused the status. Alternatively, modify the instance to turn off
|
307
|
+
# automatic management of database credentials, and then modify the
|
308
|
+
# instance again to turn on automatic management of database
|
309
|
+
# credentials.
|
310
|
+
# @return [String]
|
311
|
+
#
|
312
|
+
# @!attribute [rw] kms_key_id
|
313
|
+
# The Amazon Web Services KMS key identifier that is used to encrypt
|
314
|
+
# the secret.
|
315
|
+
# @return [String]
|
316
|
+
#
|
317
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/ClusterMasterUserSecret AWS API Documentation
|
318
|
+
#
|
319
|
+
class ClusterMasterUserSecret < Struct.new(
|
320
|
+
:secret_arn,
|
321
|
+
:secret_status,
|
322
|
+
:kms_key_id)
|
323
|
+
SENSITIVE = []
|
324
|
+
include Aws::Structure
|
325
|
+
end
|
326
|
+
|
282
327
|
# Represents the input to CopyDBClusterParameterGroup.
|
283
328
|
#
|
284
329
|
# @!attribute [rw] source_db_cluster_parameter_group_identifier
|
@@ -686,6 +731,37 @@ module Aws::DocDB
|
|
686
731
|
# </note>
|
687
732
|
# @return [String]
|
688
733
|
#
|
734
|
+
# @!attribute [rw] manage_master_user_password
|
735
|
+
# Specifies whether to manage the master user password with Amazon Web
|
736
|
+
# Services Secrets Manager.
|
737
|
+
#
|
738
|
+
# Constraint: You can't manage the master user password with Amazon
|
739
|
+
# Web Services Secrets Manager if `MasterUserPassword` is specified.
|
740
|
+
# @return [Boolean]
|
741
|
+
#
|
742
|
+
# @!attribute [rw] master_user_secret_kms_key_id
|
743
|
+
# The Amazon Web Services KMS key identifier to encrypt a secret that
|
744
|
+
# is automatically generated and managed in Amazon Web Services
|
745
|
+
# Secrets Manager. This setting is valid only if the master user
|
746
|
+
# password is managed by Amazon DocumentDB in Amazon Web Services
|
747
|
+
# Secrets Manager for the DB cluster.
|
748
|
+
#
|
749
|
+
# The Amazon Web Services KMS key identifier is the key ARN, key ID,
|
750
|
+
# alias ARN, or alias name for the KMS key. To use a KMS key in a
|
751
|
+
# different Amazon Web Services account, specify the key ARN or alias
|
752
|
+
# ARN.
|
753
|
+
#
|
754
|
+
# If you don't specify `MasterUserSecretKmsKeyId`, then the
|
755
|
+
# `aws/secretsmanager` KMS key is used to encrypt the secret. If the
|
756
|
+
# secret is in a different Amazon Web Services account, then you
|
757
|
+
# can't use the `aws/secretsmanager` KMS key to encrypt the secret,
|
758
|
+
# and you must use a customer managed KMS key.
|
759
|
+
#
|
760
|
+
# There is a default KMS key for your Amazon Web Services account.
|
761
|
+
# Your Amazon Web Services account has a different default KMS key for
|
762
|
+
# each Amazon Web Services Region.
|
763
|
+
# @return [String]
|
764
|
+
#
|
689
765
|
# @!attribute [rw] source_region
|
690
766
|
# The source region of the snapshot. This is only needed when the
|
691
767
|
# shapshot is encrypted and in a different region.
|
@@ -715,6 +791,8 @@ module Aws::DocDB
|
|
715
791
|
:deletion_protection,
|
716
792
|
:global_cluster_identifier,
|
717
793
|
:storage_type,
|
794
|
+
:manage_master_user_password,
|
795
|
+
:master_user_secret_kms_key_id,
|
718
796
|
:source_region)
|
719
797
|
SENSITIVE = []
|
720
798
|
include Aws::Structure
|
@@ -1373,6 +1451,11 @@ module Aws::DocDB
|
|
1373
1451
|
# Default value is `standard `
|
1374
1452
|
# @return [String]
|
1375
1453
|
#
|
1454
|
+
# @!attribute [rw] master_user_secret
|
1455
|
+
# The secret managed by Amazon DocumentDB in Amazon Web Services
|
1456
|
+
# Secrets Manager for the master user password.
|
1457
|
+
# @return [Types::ClusterMasterUserSecret]
|
1458
|
+
#
|
1376
1459
|
# @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/DBCluster AWS API Documentation
|
1377
1460
|
#
|
1378
1461
|
class DBCluster < Struct.new(
|
@@ -1408,7 +1491,8 @@ module Aws::DocDB
|
|
1408
1491
|
:cluster_create_time,
|
1409
1492
|
:enabled_cloudwatch_logs_exports,
|
1410
1493
|
:deletion_protection,
|
1411
|
-
:storage_type
|
1494
|
+
:storage_type,
|
1495
|
+
:master_user_secret)
|
1412
1496
|
SENSITIVE = []
|
1413
1497
|
include Aws::Structure
|
1414
1498
|
end
|
@@ -4228,6 +4312,64 @@ module Aws::DocDB
|
|
4228
4312
|
# Default value is `standard `
|
4229
4313
|
# @return [String]
|
4230
4314
|
#
|
4315
|
+
# @!attribute [rw] manage_master_user_password
|
4316
|
+
# Specifies whether to manage the master user password with Amazon Web
|
4317
|
+
# Services Secrets Manager. If the cluster doesn't manage the master
|
4318
|
+
# user password with Amazon Web Services Secrets Manager, you can turn
|
4319
|
+
# on this management. In this case, you can't specify
|
4320
|
+
# `MasterUserPassword`. If the cluster already manages the master user
|
4321
|
+
# password with Amazon Web Services Secrets Manager, and you specify
|
4322
|
+
# that the master user password is not managed with Amazon Web
|
4323
|
+
# Services Secrets Manager, then you must specify
|
4324
|
+
# `MasterUserPassword`. In this case, Amazon DocumentDB deletes the
|
4325
|
+
# secret and uses the new password for the master user specified by
|
4326
|
+
# `MasterUserPassword`.
|
4327
|
+
# @return [Boolean]
|
4328
|
+
#
|
4329
|
+
# @!attribute [rw] master_user_secret_kms_key_id
|
4330
|
+
# The Amazon Web Services KMS key identifier to encrypt a secret that
|
4331
|
+
# is automatically generated and managed in Amazon Web Services
|
4332
|
+
# Secrets Manager.
|
4333
|
+
#
|
4334
|
+
# This setting is valid only if both of the following conditions are
|
4335
|
+
# met:
|
4336
|
+
#
|
4337
|
+
# * The cluster doesn't manage the master user password in Amazon Web
|
4338
|
+
# Services Secrets Manager. If the cluster already manages the
|
4339
|
+
# master user password in Amazon Web Services Secrets Manager, you
|
4340
|
+
# can't change the KMS key that is used to encrypt the secret.
|
4341
|
+
#
|
4342
|
+
# * You are enabling `ManageMasterUserPassword` to manage the master
|
4343
|
+
# user password in Amazon Web Services Secrets Manager. If you are
|
4344
|
+
# turning on `ManageMasterUserPassword` and don't specify
|
4345
|
+
# `MasterUserSecretKmsKeyId`, then the `aws/secretsmanager` KMS key
|
4346
|
+
# is used to encrypt the secret. If the secret is in a different
|
4347
|
+
# Amazon Web Services account, then you can't use the
|
4348
|
+
# `aws/secretsmanager` KMS key to encrypt the secret, and you must
|
4349
|
+
# use a customer managed KMS key.
|
4350
|
+
#
|
4351
|
+
# The Amazon Web Services KMS key identifier is the key ARN, key ID,
|
4352
|
+
# alias ARN, or alias name for the KMS key. To use a KMS key in a
|
4353
|
+
# different Amazon Web Services account, specify the key ARN or alias
|
4354
|
+
# ARN.
|
4355
|
+
#
|
4356
|
+
# There is a default KMS key for your Amazon Web Services account.
|
4357
|
+
# Your Amazon Web Services account has a different default KMS key for
|
4358
|
+
# each Amazon Web Services Region.
|
4359
|
+
# @return [String]
|
4360
|
+
#
|
4361
|
+
# @!attribute [rw] rotate_master_user_password
|
4362
|
+
# Specifies whether to rotate the secret managed by Amazon Web
|
4363
|
+
# Services Secrets Manager for the master user password.
|
4364
|
+
#
|
4365
|
+
# This setting is valid only if the master user password is managed by
|
4366
|
+
# Amazon DocumentDB in Amazon Web Services Secrets Manager for the
|
4367
|
+
# cluster. The secret value contains the updated password.
|
4368
|
+
#
|
4369
|
+
# Constraint: You must apply the change immediately when rotating the
|
4370
|
+
# master user password.
|
4371
|
+
# @return [Boolean]
|
4372
|
+
#
|
4231
4373
|
# @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/ModifyDBClusterMessage AWS API Documentation
|
4232
4374
|
#
|
4233
4375
|
class ModifyDBClusterMessage < Struct.new(
|
@@ -4245,7 +4387,10 @@ module Aws::DocDB
|
|
4245
4387
|
:engine_version,
|
4246
4388
|
:allow_major_version_upgrade,
|
4247
4389
|
:deletion_protection,
|
4248
|
-
:storage_type
|
4390
|
+
:storage_type,
|
4391
|
+
:manage_master_user_password,
|
4392
|
+
:master_user_secret_kms_key_id,
|
4393
|
+
:rotate_master_user_password)
|
4249
4394
|
SENSITIVE = []
|
4250
4395
|
include Aws::Structure
|
4251
4396
|
end
|
@@ -5732,7 +5877,7 @@ module Aws::DocDB
|
|
5732
5877
|
# or "`rds:`". The string can contain only the set of Unicode
|
5733
5878
|
# letters, digits, white space, '\_', '.', '/', '=', '+',
|
5734
5879
|
# '-' (Java regex:
|
5735
|
-
# "^(\[\\\\p
|
5880
|
+
# "^(\[\\\\p\{L}\\\\p\{Z}\\\\p\{N}\_.:/=+\\\\-\]*)$").
|
5736
5881
|
# @return [String]
|
5737
5882
|
#
|
5738
5883
|
# @!attribute [rw] value
|
@@ -5741,7 +5886,7 @@ module Aws::DocDB
|
|
5741
5886
|
# or "`rds:`". The string can contain only the set of Unicode
|
5742
5887
|
# letters, digits, white space, '\_', '.', '/', '=', '+',
|
5743
5888
|
# '-' (Java regex:
|
5744
|
-
# "^(\[\\\\p
|
5889
|
+
# "^(\[\\\\p\{L}\\\\p\{Z}\\\\p\{N}\_.:/=+\\\\-\]*)$").
|
5745
5890
|
# @return [String]
|
5746
5891
|
#
|
5747
5892
|
# @see http://docs.aws.amazon.com/goto/WebAPI/docdb-2014-10-31/Tag AWS API Documentation
|
data/lib/aws-sdk-docdb.rb
CHANGED
data/sig/client.rbs
CHANGED
@@ -181,6 +181,8 @@ module Aws
|
|
181
181
|
?deletion_protection: bool,
|
182
182
|
?global_cluster_identifier: ::String,
|
183
183
|
?storage_type: ::String,
|
184
|
+
?manage_master_user_password: bool,
|
185
|
+
?master_user_secret_kms_key_id: ::String,
|
184
186
|
?source_region: ::String
|
185
187
|
) -> _CreateDBClusterResponseSuccess
|
186
188
|
| (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _CreateDBClusterResponseSuccess
|
@@ -739,7 +741,10 @@ module Aws
|
|
739
741
|
?engine_version: ::String,
|
740
742
|
?allow_major_version_upgrade: bool,
|
741
743
|
?deletion_protection: bool,
|
742
|
-
?storage_type: ::String
|
744
|
+
?storage_type: ::String,
|
745
|
+
?manage_master_user_password: bool,
|
746
|
+
?master_user_secret_kms_key_id: ::String,
|
747
|
+
?rotate_master_user_password: bool
|
743
748
|
) -> _ModifyDBClusterResponseSuccess
|
744
749
|
| (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ModifyDBClusterResponseSuccess
|
745
750
|
|
data/sig/types.rbs
CHANGED
@@ -76,6 +76,13 @@ module Aws::DocDB
|
|
76
76
|
SENSITIVE: []
|
77
77
|
end
|
78
78
|
|
79
|
+
class ClusterMasterUserSecret
|
80
|
+
attr_accessor secret_arn: ::String
|
81
|
+
attr_accessor secret_status: ::String
|
82
|
+
attr_accessor kms_key_id: ::String
|
83
|
+
SENSITIVE: []
|
84
|
+
end
|
85
|
+
|
79
86
|
class CopyDBClusterParameterGroupMessage
|
80
87
|
attr_accessor source_db_cluster_parameter_group_identifier: ::String
|
81
88
|
attr_accessor target_db_cluster_parameter_group_identifier: ::String
|
@@ -127,6 +134,8 @@ module Aws::DocDB
|
|
127
134
|
attr_accessor deletion_protection: bool
|
128
135
|
attr_accessor global_cluster_identifier: ::String
|
129
136
|
attr_accessor storage_type: ::String
|
137
|
+
attr_accessor manage_master_user_password: bool
|
138
|
+
attr_accessor master_user_secret_kms_key_id: ::String
|
130
139
|
attr_accessor source_region: ::String
|
131
140
|
SENSITIVE: []
|
132
141
|
end
|
@@ -262,6 +271,7 @@ module Aws::DocDB
|
|
262
271
|
attr_accessor enabled_cloudwatch_logs_exports: ::Array[::String]
|
263
272
|
attr_accessor deletion_protection: bool
|
264
273
|
attr_accessor storage_type: ::String
|
274
|
+
attr_accessor master_user_secret: Types::ClusterMasterUserSecret
|
265
275
|
SENSITIVE: []
|
266
276
|
end
|
267
277
|
|
@@ -914,6 +924,9 @@ module Aws::DocDB
|
|
914
924
|
attr_accessor allow_major_version_upgrade: bool
|
915
925
|
attr_accessor deletion_protection: bool
|
916
926
|
attr_accessor storage_type: ::String
|
927
|
+
attr_accessor manage_master_user_password: bool
|
928
|
+
attr_accessor master_user_secret_kms_key_id: ::String
|
929
|
+
attr_accessor rotate_master_user_password: bool
|
917
930
|
SENSITIVE: []
|
918
931
|
end
|
919
932
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-docdb
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.80.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-12-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|