aws-sdk-redshift 1.98.0 → 1.100.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e75583d8a7a0c4f47f81e592fa4cea3210caf3d9b75e38de7dcd53d6decb140d
-  data.tar.gz: 6ca4969e38b092ebccea7b50f534250a41329af599bc9996ad48a0e1cf8c0b5a
+  metadata.gz: 3db7ac89d6b02321e5f620f09792b2e8190ebdd7c128393e6260fc98a0aabefc
+  data.tar.gz: e4f13d91086b6bf740f0897b38d82c36425bd2270d46271a395bb8d501fc11f6
 SHA512:
-  metadata.gz: a9e1e3a98f47eb29b72bd6a5698f736515ea99e25be0765b3f6468cec5adcea9be18adc7242421d8d37bc21b363ebc2bba121fa34a58981138c39f8aff03c327
-  data.tar.gz: 56a56d7f629b535b194332b6f9f85f0abf36619cf3da65d8276c18fa6c07ca759a8ec304c924ebc388ada24c1e25225cf210a5218f118ea24127658efe3846fa
+  metadata.gz: 89488448d7a364e44c275c015a0e81162b6da2511b9cfd04d93e355ea1b88148d6ae00d82ff997148fb5383aec0412b8d87a20e75fc03b31b90093e0ba6f0e64
+  data.tar.gz: 3b619562b1fd304e80cc49ea6195221850fba9c5b33e5a00d9d7cfd26dcc20c9bcb2bdf614152ae292151bd2d0dd56e7d2bd857ac6e24a50806e9b6ea1abae42

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.100.0 (2023-10-26)
+------------------
+
+* Feature - Add Redshift APIs GetResourcePolicy, DeleteResourcePolicy, PutResourcePolicy and DescribeInboundIntegrations for the new Amazon Redshift Zero-ETL integration feature, which can be used to control data ingress into Redshift namespace, and view inbound integrations.
+
+1.99.0 (2023-10-16)
+------------------
+
+* Feature - Added support for managing credentials of provisioned cluster admin using AWS Secrets Manager.
+
 1.98.0 (2023-09-27)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.98.0
+1.100.0

data/lib/aws-sdk-redshift/client.rb

@@ -820,6 +820,8 @@ module Aws::Redshift
     #   resp.snapshot.manual_snapshot_retention_period #=> Integer
     #   resp.snapshot.manual_snapshot_remaining_days #=> Integer
     #   resp.snapshot.snapshot_retention_start_time #=> Time
+    #   resp.snapshot.master_password_secret_arn #=> String
+    #   resp.snapshot.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/AuthorizeSnapshotAccess AWS API Documentation
     #
@@ -1103,6 +1105,8 @@ module Aws::Redshift
     #   resp.snapshot.manual_snapshot_retention_period #=> Integer
     #   resp.snapshot.manual_snapshot_remaining_days #=> Integer
     #   resp.snapshot.snapshot_retention_start_time #=> Time
+    #   resp.snapshot.master_password_secret_arn #=> String
+    #   resp.snapshot.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/CopyClusterSnapshot AWS API Documentation
     #
@@ -1255,10 +1259,13 @@ module Aws::Redshift
     #
     #   [1]: https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html
     #
-    # @option params [required, String] :master_user_password
+    # @option params [String] :master_user_password
     #   The password associated with the admin user account for the cluster
     #   that is being created.
     #
+    #   You can't use `MasterUserPassword` if `ManageMasterPassword` is
+    #   `true`.
+    #
     #   Constraints:
     #
     #   * Must be between 8 and 64 characters in length.
@@ -1510,6 +1517,18 @@ module Aws::Redshift
     #   A flag that specifies whether to load sample data once the cluster is
     #   created.
     #
+    # @option params [Boolean] :manage_master_password
+    #   If `true`, Amazon Redshift uses Secrets Manager to manage this
+    #   cluster's admin credentials. You can't use `MasterUserPassword` if
+    #   `ManageMasterPassword` is true. If `ManageMasterPassword` is false or
+    #   not set, Amazon Redshift uses `MasterUserPassword` for the admin user
+    #   account's password.
+    #
+    # @option params [String] :master_password_secret_kms_key_id
+    #   The ID of the Key Management Service (KMS) key used to encrypt and
+    #   store the cluster's admin credentials secret. You can only use this
+    #   parameter if `ManageMasterPassword` is true.
+    #
     # @return [Types::CreateClusterResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateClusterResult#cluster #cluster} => Types::Cluster
@@ -1522,7 +1541,7 @@ module Aws::Redshift
     #     cluster_type: "String",
     #     node_type: "String", # required
     #     master_username: "String", # required
-    #     master_user_password: "String", # required
+    #     master_user_password: "SensitiveString",
     #     cluster_security_groups: ["String"],
     #     vpc_security_group_ids: ["String"],
     #     cluster_subnet_group_name: "String",
@@ -1556,6 +1575,8 @@ module Aws::Redshift
     #     aqua_configuration_status: "enabled", # accepts enabled, disabled, auto
     #     default_iam_role_arn: "String",
     #     load_sample_data: "String",
+    #     manage_master_password: false,
+    #     master_password_secret_kms_key_id: "String",
     #   })
     #
     # @example Response structure
@@ -1681,6 +1702,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/CreateCluster AWS API Documentation
     #
@@ -1960,6 +1983,8 @@ module Aws::Redshift
     #   resp.snapshot.manual_snapshot_retention_period #=> Integer
     #   resp.snapshot.manual_snapshot_remaining_days #=> Integer
     #   resp.snapshot.snapshot_retention_start_time #=> Time
+    #   resp.snapshot.master_password_secret_arn #=> String
+    #   resp.snapshot.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/CreateClusterSnapshot AWS API Documentation
     #
@@ -3109,6 +3134,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/DeleteCluster AWS API Documentation
     #
@@ -3264,6 +3291,8 @@ module Aws::Redshift
     #   resp.snapshot.manual_snapshot_retention_period #=> Integer
     #   resp.snapshot.manual_snapshot_remaining_days #=> Integer
     #   resp.snapshot.snapshot_retention_start_time #=> Time
+    #   resp.snapshot.master_password_secret_arn #=> String
+    #   resp.snapshot.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/DeleteClusterSnapshot AWS API Documentation
     #
@@ -3486,6 +3515,29 @@ module Aws::Redshift
       req.send_request(options)
     end
 
+    # Deletes the resource policy for a specified resource.
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the resource of which its resource
+    #   policy is deleted.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_resource_policy({
+    #     resource_arn: "String", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/DeleteResourcePolicy AWS API Documentation
+    #
+    # @overload delete_resource_policy(params = {})
+    # @param [Hash] params ({})
+    def delete_resource_policy(params = {}, options = {})
+      req = build_request(:delete_resource_policy, params)
+      req.send_request(options)
+    end
+
     # Deletes a scheduled action.
     #
     # @option params [required, String] :scheduled_action_name
@@ -4244,6 +4296,8 @@ module Aws::Redshift
     #   resp.snapshots[0].manual_snapshot_retention_period #=> Integer
     #   resp.snapshots[0].manual_snapshot_remaining_days #=> Integer
     #   resp.snapshots[0].snapshot_retention_start_time #=> Time
+    #   resp.snapshots[0].master_password_secret_arn #=> String
+    #   resp.snapshots[0].master_password_secret_kms_key_id #=> String
     #
     #
     # The following waiters are defined for this operation (see {Client#wait_until} for detailed usage):
@@ -4702,6 +4756,8 @@ module Aws::Redshift
     #   resp.clusters[0].custom_domain_name #=> String
     #   resp.clusters[0].custom_domain_certificate_arn #=> String
     #   resp.clusters[0].custom_domain_certificate_expiry_date #=> Time
+    #   resp.clusters[0].master_password_secret_arn #=> String
+    #   resp.clusters[0].master_password_secret_kms_key_id #=> String
     #
     #
     # The following waiters are defined for this operation (see {Client#wait_until} for detailed usage):
@@ -4719,7 +4775,7 @@ module Aws::Redshift
       req.send_request(options)
     end
 
-    # Contains information for custom domain associations for a cluster.
+    # Contains information about custom domain associations for a cluster.
     #
     # @option params [String] :custom_domain_name
     #   The custom domain name for the custom domain association.
@@ -5658,6 +5714,73 @@ module Aws::Redshift
       req.send_request(options)
     end
 
+    # Returns a list of inbound integrations.
+    #
+    # @option params [String] :integration_arn
+    #   The Amazon Resource Name (ARN) of the inbound integration.
+    #
+    # @option params [String] :target_arn
+    #   The Amazon Resource Name (ARN) of the target of an inbound
+    #   integration.
+    #
+    # @option params [Integer] :max_records
+    #   The maximum number of response records to return in each call. If the
+    #   number of remaining response records exceeds the specified
+    #   `MaxRecords` value, a value is returned in a `marker` field of the
+    #   response. You can retrieve the next set of records by retrying the
+    #   command with the returned marker value.
+    #
+    #   Default: `100`
+    #
+    #   Constraints: minimum 20, maximum 100.
+    #
+    # @option params [String] :marker
+    #   An optional parameter that specifies the starting point to return a
+    #   set of response records. When the results of a
+    #   DescribeInboundIntegrations request exceed the value specified in
+    #   `MaxRecords`, Amazon Web Services returns a value in the `Marker`
+    #   field of the response. You can retrieve the next set of response
+    #   records by providing the returned marker value in the `Marker`
+    #   parameter and retrying the request.
+    #
+    # @return [Types::InboundIntegrationsMessage] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::InboundIntegrationsMessage#marker #marker} => String
+    #   * {Types::InboundIntegrationsMessage#inbound_integrations #inbound_integrations} => Array<Types::InboundIntegration>
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.describe_inbound_integrations({
+    #     integration_arn: "String",
+    #     target_arn: "String",
+    #     max_records: 1,
+    #     marker: "String",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.marker #=> String
+    #   resp.inbound_integrations #=> Array
+    #   resp.inbound_integrations[0].integration_arn #=> String
+    #   resp.inbound_integrations[0].source_arn #=> String
+    #   resp.inbound_integrations[0].target_arn #=> String
+    #   resp.inbound_integrations[0].status #=> String, one of "creating", "active", "modifying", "failed", "deleting", "syncing", "needs_attention"
+    #   resp.inbound_integrations[0].errors #=> Array
+    #   resp.inbound_integrations[0].errors[0].error_code #=> String
+    #   resp.inbound_integrations[0].errors[0].error_message #=> String
+    #   resp.inbound_integrations[0].create_time #=> Time
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/DescribeInboundIntegrations AWS API Documentation
+    #
+    # @overload describe_inbound_integrations(params = {})
+    # @param [Hash] params ({})
+    def describe_inbound_integrations(params = {}, options = {})
+      req = build_request(:describe_inbound_integrations, params)
+      req.send_request(options)
+    end
+
     # Describes whether information, such as queries and connection
     # attempts, is being logged for the specified Amazon Redshift cluster.
     #
@@ -7012,6 +7135,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/DisableSnapshotCopy AWS API Documentation
     #
@@ -7349,6 +7474,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/EnableSnapshotCopy AWS API Documentation
     #
@@ -7737,6 +7864,36 @@ module Aws::Redshift
       req.send_request(options)
     end
 
+    # Get the resource policy for a specified resource.
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the resource of which its resource
+    #   policy is fetched.
+    #
+    # @return [Types::GetResourcePolicyResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetResourcePolicyResult#resource_policy #resource_policy} => Types::ResourcePolicy
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_resource_policy({
+    #     resource_arn: "String", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.resource_policy.resource_arn #=> String
+    #   resp.resource_policy.policy #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/GetResourcePolicy AWS API Documentation
+    #
+    # @overload get_resource_policy(params = {})
+    # @param [Hash] params ({})
+    def get_resource_policy(params = {}, options = {})
+      req = build_request(:get_resource_policy, params)
+      req.send_request(options)
+    end
+
     # This operation is retired. Calling this operation does not change AQUA
     # configuration. Amazon Redshift automatically determines whether to use
     # AQUA (Advanced Query Accelerator).
@@ -7902,6 +8059,9 @@ module Aws::Redshift
     #   element exists in the `PendingModifiedValues` element of the operation
     #   response.
     #
+    #   You can't use `MasterUserPassword` if `ManageMasterPassword` is
+    #   `true`.
+    #
     #   <note markdown="1"> Operations never return the password, so this operation provides a way
     #   to regain access to the admin user account for a cluster if the
     #   password is lost.
@@ -8091,6 +8251,18 @@ module Aws::Redshift
     # @option params [Integer] :port
     #   The option to change the port of an Amazon Redshift cluster.
     #
+    # @option params [Boolean] :manage_master_password
+    #   If `true`, Amazon Redshift uses Secrets Manager to manage this
+    #   cluster's admin credentials. You can't use `MasterUserPassword` if
+    #   `ManageMasterPassword` is true. If `ManageMasterPassword` is false or
+    #   not set, Amazon Redshift uses `MasterUserPassword` for the admin user
+    #   account's password.
+    #
+    # @option params [String] :master_password_secret_kms_key_id
+    #   The ID of the Key Management Service (KMS) key used to encrypt and
+    #   store the cluster's admin credentials secret. You can only use this
+    #   parameter if `ManageMasterPassword` is true.
+    #
     # @return [Types::ModifyClusterResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ModifyClusterResult#cluster #cluster} => Types::Cluster
@@ -8104,7 +8276,7 @@ module Aws::Redshift
     #     number_of_nodes: 1,
     #     cluster_security_groups: ["String"],
     #     vpc_security_group_ids: ["String"],
-    #     master_user_password: "String",
+    #     master_user_password: "SensitiveString",
     #     cluster_parameter_group_name: "String",
     #     automated_snapshot_retention_period: 1,
     #     manual_snapshot_retention_period: 1,
@@ -8123,6 +8295,8 @@ module Aws::Redshift
     #     availability_zone_relocation: false,
     #     availability_zone: "String",
     #     port: 1,
+    #     manage_master_password: false,
+    #     master_password_secret_kms_key_id: "String",
     #   })
     #
     # @example Response structure
@@ -8248,6 +8422,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/ModifyCluster AWS API Documentation
     #
@@ -8405,6 +8581,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/ModifyClusterDbRevision AWS API Documentation
     #
@@ -8578,6 +8756,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/ModifyClusterIamRoles AWS API Documentation
     #
@@ -8751,6 +8931,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/ModifyClusterMaintenance AWS API Documentation
     #
@@ -8898,6 +9080,8 @@ module Aws::Redshift
     #   resp.snapshot.manual_snapshot_retention_period #=> Integer
     #   resp.snapshot.manual_snapshot_remaining_days #=> Integer
     #   resp.snapshot.snapshot_retention_start_time #=> Time
+    #   resp.snapshot.master_password_secret_arn #=> String
+    #   resp.snapshot.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/ModifyClusterSnapshot AWS API Documentation
     #
@@ -9472,6 +9656,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/ModifySnapshotCopyRetentionPeriod AWS API Documentation
     #
@@ -9728,6 +9914,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/PauseCluster AWS API Documentation
     #
@@ -9799,6 +9987,40 @@ module Aws::Redshift
       req.send_request(options)
     end
 
+    # Updates the resource policy for a specified resource.
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the resource of which its resource
+    #   policy is updated.
+    #
+    # @option params [required, String] :policy
+    #   The content of the resource policy being updated.
+    #
+    # @return [Types::PutResourcePolicyResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::PutResourcePolicyResult#resource_policy #resource_policy} => Types::ResourcePolicy
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_resource_policy({
+    #     resource_arn: "String", # required
+    #     policy: "String", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.resource_policy.resource_arn #=> String
+    #   resp.resource_policy.policy #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/PutResourcePolicy AWS API Documentation
+    #
+    # @overload put_resource_policy(params = {})
+    # @param [Hash] params ({})
+    def put_resource_policy(params = {}, options = {})
+      req = build_request(:put_resource_policy, params)
+      req.send_request(options)
+    end
+
     # Reboots a cluster. This action is taken as soon as possible. It
     # results in a momentary outage to the cluster, during which the cluster
     # status is set to `rebooting`. A cluster event is created when the
@@ -9947,6 +10169,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/RebootCluster AWS API Documentation
     #
@@ -10254,6 +10478,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/ResizeCluster AWS API Documentation
     #
@@ -10545,6 +10771,17 @@ module Aws::Redshift
     #   encrypted with Key Management Service (KMS) and a customer managed
     #   key.
     #
+    # @option params [Boolean] :manage_master_password
+    #   If `true`, Amazon Redshift uses Secrets Manager to manage the restored
+    #   cluster's admin credentials. If `ManageMasterPassword` is false or
+    #   not set, Amazon Redshift uses the admin credentials the cluster had at
+    #   the time the snapshot was taken.
+    #
+    # @option params [String] :master_password_secret_kms_key_id
+    #   The ID of the Key Management Service (KMS) key used to encrypt and
+    #   store the cluster's admin credentials secret. You can only use this
+    #   parameter if `ManageMasterPassword` is true.
+    #
     # @return [Types::RestoreFromClusterSnapshotResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::RestoreFromClusterSnapshotResult#cluster #cluster} => Types::Cluster
@@ -10585,6 +10822,8 @@ module Aws::Redshift
     #     reserved_node_id: "String",
     #     target_reserved_node_offering_id: "String",
     #     encrypted: false,
+    #     manage_master_password: false,
+    #     master_password_secret_kms_key_id: "String",
     #   })
     #
     # @example Response structure
@@ -10710,6 +10949,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/RestoreFromClusterSnapshot AWS API Documentation
     #
@@ -10958,6 +11199,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/ResumeCluster AWS API Documentation
     #
@@ -11188,6 +11431,8 @@ module Aws::Redshift
     #   resp.snapshot.manual_snapshot_retention_period #=> Integer
     #   resp.snapshot.manual_snapshot_remaining_days #=> Integer
     #   resp.snapshot.snapshot_retention_start_time #=> Time
+    #   resp.snapshot.master_password_secret_arn #=> String
+    #   resp.snapshot.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/RevokeSnapshotAccess AWS API Documentation
     #
@@ -11340,6 +11585,8 @@ module Aws::Redshift
     #   resp.cluster.custom_domain_name #=> String
     #   resp.cluster.custom_domain_certificate_arn #=> String
     #   resp.cluster.custom_domain_certificate_expiry_date #=> Time
+    #   resp.cluster.master_password_secret_arn #=> String
+    #   resp.cluster.master_password_secret_kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/RotateEncryptionKey AWS API Documentation
     #
@@ -11415,7 +11662,7 @@ module Aws::Redshift
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-redshift'
-      context[:gem_version] = '1.98.0'
+      context[:gem_version] = '1.100.0'
       Seahorse::Client::Request.new(handlers, context)
     end