aws-sdk-secretsmanager 1.36.0 → 1.41.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-secretsmanager.rb +4 -2
- data/lib/aws-sdk-secretsmanager/client.rb +401 -195
- data/lib/aws-sdk-secretsmanager/client_api.rb +58 -0
- data/lib/aws-sdk-secretsmanager/errors.rb +18 -0
- data/lib/aws-sdk-secretsmanager/resource.rb +2 -0
- data/lib/aws-sdk-secretsmanager/types.rb +397 -97
- metadata +4 -4
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -36,6 +38,11 @@ module Aws::SecretsManager
|
|
36
38
|
ExcludeNumbersType = Shapes::BooleanShape.new(name: 'ExcludeNumbersType')
|
37
39
|
ExcludePunctuationType = Shapes::BooleanShape.new(name: 'ExcludePunctuationType')
|
38
40
|
ExcludeUppercaseType = Shapes::BooleanShape.new(name: 'ExcludeUppercaseType')
|
41
|
+
Filter = Shapes::StructureShape.new(name: 'Filter')
|
42
|
+
FilterNameStringType = Shapes::StringShape.new(name: 'FilterNameStringType')
|
43
|
+
FilterValueStringType = Shapes::StringShape.new(name: 'FilterValueStringType')
|
44
|
+
FilterValuesStringList = Shapes::ListShape.new(name: 'FilterValuesStringList')
|
45
|
+
FiltersListType = Shapes::ListShape.new(name: 'FiltersListType')
|
39
46
|
GetRandomPasswordRequest = Shapes::StructureShape.new(name: 'GetRandomPasswordRequest')
|
40
47
|
GetRandomPasswordResponse = Shapes::StructureShape.new(name: 'GetRandomPasswordResponse')
|
41
48
|
GetResourcePolicyRequest = Shapes::StructureShape.new(name: 'GetResourcePolicyRequest')
|
@@ -64,6 +71,7 @@ module Aws::SecretsManager
|
|
64
71
|
OwningServiceType = Shapes::StringShape.new(name: 'OwningServiceType')
|
65
72
|
PasswordLengthType = Shapes::IntegerShape.new(name: 'PasswordLengthType')
|
66
73
|
PreconditionNotMetException = Shapes::StructureShape.new(name: 'PreconditionNotMetException')
|
74
|
+
PublicPolicyException = Shapes::StructureShape.new(name: 'PublicPolicyException')
|
67
75
|
PutResourcePolicyRequest = Shapes::StructureShape.new(name: 'PutResourcePolicyRequest')
|
68
76
|
PutResourcePolicyResponse = Shapes::StructureShape.new(name: 'PutResourcePolicyResponse')
|
69
77
|
PutSecretValueRequest = Shapes::StructureShape.new(name: 'PutSecretValueRequest')
|
@@ -93,17 +101,23 @@ module Aws::SecretsManager
|
|
93
101
|
SecretVersionsListEntry = Shapes::StructureShape.new(name: 'SecretVersionsListEntry')
|
94
102
|
SecretVersionsListType = Shapes::ListShape.new(name: 'SecretVersionsListType')
|
95
103
|
SecretVersionsToStagesMapType = Shapes::MapShape.new(name: 'SecretVersionsToStagesMapType')
|
104
|
+
SortOrderType = Shapes::StringShape.new(name: 'SortOrderType')
|
96
105
|
Tag = Shapes::StructureShape.new(name: 'Tag')
|
97
106
|
TagKeyListType = Shapes::ListShape.new(name: 'TagKeyListType')
|
98
107
|
TagKeyType = Shapes::StringShape.new(name: 'TagKeyType')
|
99
108
|
TagListType = Shapes::ListShape.new(name: 'TagListType')
|
100
109
|
TagResourceRequest = Shapes::StructureShape.new(name: 'TagResourceRequest')
|
101
110
|
TagValueType = Shapes::StringShape.new(name: 'TagValueType')
|
111
|
+
TimestampType = Shapes::TimestampShape.new(name: 'TimestampType')
|
102
112
|
UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
|
103
113
|
UpdateSecretRequest = Shapes::StructureShape.new(name: 'UpdateSecretRequest')
|
104
114
|
UpdateSecretResponse = Shapes::StructureShape.new(name: 'UpdateSecretResponse')
|
105
115
|
UpdateSecretVersionStageRequest = Shapes::StructureShape.new(name: 'UpdateSecretVersionStageRequest')
|
106
116
|
UpdateSecretVersionStageResponse = Shapes::StructureShape.new(name: 'UpdateSecretVersionStageResponse')
|
117
|
+
ValidateResourcePolicyRequest = Shapes::StructureShape.new(name: 'ValidateResourcePolicyRequest')
|
118
|
+
ValidateResourcePolicyResponse = Shapes::StructureShape.new(name: 'ValidateResourcePolicyResponse')
|
119
|
+
ValidationErrorsEntry = Shapes::StructureShape.new(name: 'ValidationErrorsEntry')
|
120
|
+
ValidationErrorsType = Shapes::ListShape.new(name: 'ValidationErrorsType')
|
107
121
|
|
108
122
|
CancelRotateSecretRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
|
109
123
|
CancelRotateSecretRequest.struct_class = Types::CancelRotateSecretRequest
|
@@ -164,11 +178,20 @@ module Aws::SecretsManager
|
|
164
178
|
DescribeSecretResponse.add_member(:tags, Shapes::ShapeRef.new(shape: TagListType, location_name: "Tags"))
|
165
179
|
DescribeSecretResponse.add_member(:version_ids_to_stages, Shapes::ShapeRef.new(shape: SecretVersionsToStagesMapType, location_name: "VersionIdsToStages"))
|
166
180
|
DescribeSecretResponse.add_member(:owning_service, Shapes::ShapeRef.new(shape: OwningServiceType, location_name: "OwningService"))
|
181
|
+
DescribeSecretResponse.add_member(:created_date, Shapes::ShapeRef.new(shape: TimestampType, location_name: "CreatedDate", metadata: {"box"=>true}))
|
167
182
|
DescribeSecretResponse.struct_class = Types::DescribeSecretResponse
|
168
183
|
|
169
184
|
EncryptionFailure.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
|
170
185
|
EncryptionFailure.struct_class = Types::EncryptionFailure
|
171
186
|
|
187
|
+
Filter.add_member(:key, Shapes::ShapeRef.new(shape: FilterNameStringType, location_name: "Key"))
|
188
|
+
Filter.add_member(:values, Shapes::ShapeRef.new(shape: FilterValuesStringList, location_name: "Values"))
|
189
|
+
Filter.struct_class = Types::Filter
|
190
|
+
|
191
|
+
FilterValuesStringList.member = Shapes::ShapeRef.new(shape: FilterValueStringType)
|
192
|
+
|
193
|
+
FiltersListType.member = Shapes::ShapeRef.new(shape: Filter)
|
194
|
+
|
172
195
|
GetRandomPasswordRequest.add_member(:password_length, Shapes::ShapeRef.new(shape: PasswordLengthType, location_name: "PasswordLength", metadata: {"box"=>true}))
|
173
196
|
GetRandomPasswordRequest.add_member(:exclude_characters, Shapes::ShapeRef.new(shape: ExcludeCharactersType, location_name: "ExcludeCharacters"))
|
174
197
|
GetRandomPasswordRequest.add_member(:exclude_numbers, Shapes::ShapeRef.new(shape: ExcludeNumbersType, location_name: "ExcludeNumbers", metadata: {"box"=>true}))
|
@@ -233,6 +256,8 @@ module Aws::SecretsManager
|
|
233
256
|
|
234
257
|
ListSecretsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResultsType, location_name: "MaxResults", metadata: {"box"=>true}))
|
235
258
|
ListSecretsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextTokenType, location_name: "NextToken"))
|
259
|
+
ListSecretsRequest.add_member(:filters, Shapes::ShapeRef.new(shape: FiltersListType, location_name: "Filters"))
|
260
|
+
ListSecretsRequest.add_member(:sort_order, Shapes::ShapeRef.new(shape: SortOrderType, location_name: "SortOrder"))
|
236
261
|
ListSecretsRequest.struct_class = Types::ListSecretsRequest
|
237
262
|
|
238
263
|
ListSecretsResponse.add_member(:secret_list, Shapes::ShapeRef.new(shape: SecretListType, location_name: "SecretList"))
|
@@ -245,8 +270,12 @@ module Aws::SecretsManager
|
|
245
270
|
PreconditionNotMetException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
|
246
271
|
PreconditionNotMetException.struct_class = Types::PreconditionNotMetException
|
247
272
|
|
273
|
+
PublicPolicyException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
|
274
|
+
PublicPolicyException.struct_class = Types::PublicPolicyException
|
275
|
+
|
248
276
|
PutResourcePolicyRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
|
249
277
|
PutResourcePolicyRequest.add_member(:resource_policy, Shapes::ShapeRef.new(shape: NonEmptyResourcePolicyType, required: true, location_name: "ResourcePolicy"))
|
278
|
+
PutResourcePolicyRequest.add_member(:block_public_policy, Shapes::ShapeRef.new(shape: BooleanType, location_name: "BlockPublicPolicy", metadata: {"box"=>true}))
|
250
279
|
PutResourcePolicyRequest.struct_class = Types::PutResourcePolicyRequest
|
251
280
|
|
252
281
|
PutResourcePolicyResponse.add_member(:arn, Shapes::ShapeRef.new(shape: SecretARNType, location_name: "ARN"))
|
@@ -307,6 +336,7 @@ module Aws::SecretsManager
|
|
307
336
|
SecretListEntry.add_member(:tags, Shapes::ShapeRef.new(shape: TagListType, location_name: "Tags"))
|
308
337
|
SecretListEntry.add_member(:secret_versions_to_stages, Shapes::ShapeRef.new(shape: SecretVersionsToStagesMapType, location_name: "SecretVersionsToStages"))
|
309
338
|
SecretListEntry.add_member(:owning_service, Shapes::ShapeRef.new(shape: OwningServiceType, location_name: "OwningService"))
|
339
|
+
SecretListEntry.add_member(:created_date, Shapes::ShapeRef.new(shape: TimestampType, location_name: "CreatedDate", metadata: {"box"=>true}))
|
310
340
|
SecretListEntry.struct_class = Types::SecretListEntry
|
311
341
|
|
312
342
|
SecretListType.member = Shapes::ShapeRef.new(shape: SecretListEntry)
|
@@ -363,6 +393,20 @@ module Aws::SecretsManager
|
|
363
393
|
UpdateSecretVersionStageResponse.add_member(:name, Shapes::ShapeRef.new(shape: SecretNameType, location_name: "Name"))
|
364
394
|
UpdateSecretVersionStageResponse.struct_class = Types::UpdateSecretVersionStageResponse
|
365
395
|
|
396
|
+
ValidateResourcePolicyRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, location_name: "SecretId"))
|
397
|
+
ValidateResourcePolicyRequest.add_member(:resource_policy, Shapes::ShapeRef.new(shape: NonEmptyResourcePolicyType, required: true, location_name: "ResourcePolicy"))
|
398
|
+
ValidateResourcePolicyRequest.struct_class = Types::ValidateResourcePolicyRequest
|
399
|
+
|
400
|
+
ValidateResourcePolicyResponse.add_member(:policy_validation_passed, Shapes::ShapeRef.new(shape: BooleanType, location_name: "PolicyValidationPassed"))
|
401
|
+
ValidateResourcePolicyResponse.add_member(:validation_errors, Shapes::ShapeRef.new(shape: ValidationErrorsType, location_name: "ValidationErrors"))
|
402
|
+
ValidateResourcePolicyResponse.struct_class = Types::ValidateResourcePolicyResponse
|
403
|
+
|
404
|
+
ValidationErrorsEntry.add_member(:check_name, Shapes::ShapeRef.new(shape: NameType, location_name: "CheckName"))
|
405
|
+
ValidationErrorsEntry.add_member(:error_message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "ErrorMessage"))
|
406
|
+
ValidationErrorsEntry.struct_class = Types::ValidationErrorsEntry
|
407
|
+
|
408
|
+
ValidationErrorsType.member = Shapes::ShapeRef.new(shape: ValidationErrorsEntry)
|
409
|
+
|
366
410
|
|
367
411
|
# @api private
|
368
412
|
API = Seahorse::Model::Api.new.tap do |api|
|
@@ -524,6 +568,7 @@ module Aws::SecretsManager
|
|
524
568
|
o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
|
525
569
|
o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
|
526
570
|
o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
|
571
|
+
o.errors << Shapes::ShapeRef.new(shape: PublicPolicyException)
|
527
572
|
end)
|
528
573
|
|
529
574
|
api.add_operation(:put_secret_value, Seahorse::Model::Operation.new.tap do |o|
|
@@ -618,6 +663,19 @@ module Aws::SecretsManager
|
|
618
663
|
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
619
664
|
o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
|
620
665
|
end)
|
666
|
+
|
667
|
+
api.add_operation(:validate_resource_policy, Seahorse::Model::Operation.new.tap do |o|
|
668
|
+
o.name = "ValidateResourcePolicy"
|
669
|
+
o.http_method = "POST"
|
670
|
+
o.http_request_uri = "/"
|
671
|
+
o.input = Shapes::ShapeRef.new(shape: ValidateResourcePolicyRequest)
|
672
|
+
o.output = Shapes::ShapeRef.new(shape: ValidateResourcePolicyResponse)
|
673
|
+
o.errors << Shapes::ShapeRef.new(shape: MalformedPolicyDocumentException)
|
674
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
675
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
|
676
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
|
677
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
|
678
|
+
end)
|
621
679
|
end
|
622
680
|
|
623
681
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -34,6 +36,7 @@ module Aws::SecretsManager
|
|
34
36
|
# * {LimitExceededException}
|
35
37
|
# * {MalformedPolicyDocumentException}
|
36
38
|
# * {PreconditionNotMetException}
|
39
|
+
# * {PublicPolicyException}
|
37
40
|
# * {ResourceExistsException}
|
38
41
|
# * {ResourceNotFoundException}
|
39
42
|
#
|
@@ -178,6 +181,21 @@ module Aws::SecretsManager
|
|
178
181
|
end
|
179
182
|
end
|
180
183
|
|
184
|
+
class PublicPolicyException < ServiceError
|
185
|
+
|
186
|
+
# @param [Seahorse::Client::RequestContext] context
|
187
|
+
# @param [String] message
|
188
|
+
# @param [Aws::SecretsManager::Types::PublicPolicyException] data
|
189
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
190
|
+
super(context, message, data)
|
191
|
+
end
|
192
|
+
|
193
|
+
# @return [String]
|
194
|
+
def message
|
195
|
+
@message || @data[:message]
|
196
|
+
end
|
197
|
+
end
|
198
|
+
|
181
199
|
class ResourceExistsException < ServiceError
|
182
200
|
|
183
201
|
# @param [Seahorse::Client::RequestContext] context
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -16,9 +18,9 @@ module Aws::SecretsManager
|
|
16
18
|
# }
|
17
19
|
#
|
18
20
|
# @!attribute [rw] secret_id
|
19
|
-
# Specifies the secret
|
20
|
-
#
|
21
|
-
#
|
21
|
+
# Specifies the secret to cancel a rotation request. You can specify
|
22
|
+
# either the Amazon Resource Name (ARN) or the friendly name of the
|
23
|
+
# secret.
|
22
24
|
#
|
23
25
|
# <note markdown="1"> If you specify an ARN, we generally recommend that you specify a
|
24
26
|
# complete ARN. You can specify a partial ARN too—for example, if you
|
@@ -31,9 +33,15 @@ module Aws::SecretsManager
|
|
31
33
|
# partial ARN, then those characters cause Secrets Manager to assume
|
32
34
|
# that you’re specifying a complete ARN. This confusion can cause
|
33
35
|
# unexpected results. To avoid this situation, we recommend that you
|
34
|
-
# don’t create secret names
|
36
|
+
# don’t create secret names ending with a hyphen followed by six
|
35
37
|
# characters.
|
36
38
|
#
|
39
|
+
# If you specify an incomplete ARN without the random suffix, and
|
40
|
+
# instead provide the 'friendly name', you *must* not include the
|
41
|
+
# random suffix. If you do include the random suffix added by Secrets
|
42
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
43
|
+
# *AccessDeniedException* error, depending on your permissions.
|
44
|
+
#
|
37
45
|
# </note>
|
38
46
|
# @return [String]
|
39
47
|
#
|
@@ -41,6 +49,7 @@ module Aws::SecretsManager
|
|
41
49
|
#
|
42
50
|
class CancelRotateSecretRequest < Struct.new(
|
43
51
|
:secret_id)
|
52
|
+
SENSITIVE = []
|
44
53
|
include Aws::Structure
|
45
54
|
end
|
46
55
|
|
@@ -53,9 +62,9 @@ module Aws::SecretsManager
|
|
53
62
|
# @return [String]
|
54
63
|
#
|
55
64
|
# @!attribute [rw] version_id
|
56
|
-
# The unique identifier of the version of the secret
|
57
|
-
#
|
58
|
-
#
|
65
|
+
# The unique identifier of the version of the secret created during
|
66
|
+
# the rotation. This version might not be complete, and should be
|
67
|
+
# evaluated for possible deletion. At the very least, you should
|
59
68
|
# remove the `VersionStage` value `AWSPENDING` to enable this version
|
60
69
|
# to be deleted. Failing to clean up a cancelled rotation can block
|
61
70
|
# you from successfully starting future rotations.
|
@@ -67,6 +76,7 @@ module Aws::SecretsManager
|
|
67
76
|
:arn,
|
68
77
|
:name,
|
69
78
|
:version_id)
|
79
|
+
SENSITIVE = []
|
70
80
|
include Aws::Structure
|
71
81
|
end
|
72
82
|
|
@@ -94,11 +104,11 @@ module Aws::SecretsManager
|
|
94
104
|
# The secret name must be ASCII letters, digits, or the following
|
95
105
|
# characters : /\_+=.@-
|
96
106
|
#
|
97
|
-
# <note markdown="1">
|
107
|
+
# <note markdown="1"> Do not end your secret name with a hyphen followed by six
|
98
108
|
# characters. If you do so, you risk confusion and unexpected results
|
99
|
-
# when searching for a secret by partial ARN.
|
100
|
-
#
|
101
|
-
#
|
109
|
+
# when searching for a secret by partial ARN. Secrets Manager
|
110
|
+
# automatically adds a hyphen and six random characters at the end of
|
111
|
+
# the ARN.
|
102
112
|
#
|
103
113
|
# </note>
|
104
114
|
# @return [String]
|
@@ -114,7 +124,7 @@ module Aws::SecretsManager
|
|
114
124
|
# in the request. If you don't use the SDK and instead generate a raw
|
115
125
|
# HTTP request to the Secrets Manager service endpoint, then you must
|
116
126
|
# generate a `ClientRequestToken` yourself for the new version and
|
117
|
-
# include
|
127
|
+
# include the value in the request.
|
118
128
|
#
|
119
129
|
# </note>
|
120
130
|
#
|
@@ -127,10 +137,9 @@ module Aws::SecretsManager
|
|
127
137
|
# * If the `ClientRequestToken` value isn't already associated with a
|
128
138
|
# version of the secret then a new version of the secret is created.
|
129
139
|
#
|
130
|
-
# * If a version with this value already exists and
|
140
|
+
# * If a version with this value already exists and the version
|
131
141
|
# `SecretString` and `SecretBinary` values are the same as those in
|
132
|
-
# the request, then the request is ignored
|
133
|
-
# idempotent).
|
142
|
+
# the request, then the request is ignored.
|
134
143
|
#
|
135
144
|
# * If a version with this value already exists and that version's
|
136
145
|
# `SecretString` and `SecretBinary` values are different from those
|
@@ -168,9 +177,9 @@ module Aws::SecretsManager
|
|
168
177
|
# first time it needs to encrypt a version's `SecretString` or
|
169
178
|
# `SecretBinary` fields.
|
170
179
|
#
|
171
|
-
# You can use the account
|
172
|
-
#
|
173
|
-
#
|
180
|
+
# You can use the account default CMK to encrypt and decrypt only if
|
181
|
+
# you call this operation using credentials from the same account that
|
182
|
+
# owns the secret. If the secret resides in a different account, then
|
174
183
|
# you must create a custom CMK and specify the ARN in this field.
|
175
184
|
# @return [String]
|
176
185
|
#
|
@@ -207,7 +216,7 @@ module Aws::SecretsManager
|
|
207
216
|
# environments, see [Using JSON for Parameters][1] in the *AWS CLI
|
208
217
|
# User Guide*. For example:
|
209
218
|
#
|
210
|
-
#
|
219
|
+
# `\{"username":"bob","password":"abc123xyz456"\}`
|
211
220
|
#
|
212
221
|
# If your command-line tool or SDK requires quotation marks around the
|
213
222
|
# parameter, you should use single quotes to avoid confusion with the
|
@@ -255,15 +264,15 @@ module Aws::SecretsManager
|
|
255
264
|
# * Tag keys and values are case sensitive.
|
256
265
|
#
|
257
266
|
# * Do not use the `aws:` prefix in your tag names or values because
|
258
|
-
#
|
259
|
-
# values with this prefix. Tags with this prefix do not count
|
267
|
+
# AWS reserves it for AWS use. You can't edit or delete tag names
|
268
|
+
# or values with this prefix. Tags with this prefix do not count
|
260
269
|
# against your tags per secret limit.
|
261
270
|
#
|
262
|
-
# * If your tagging schema
|
263
|
-
# resources, remember
|
264
|
-
# allowed characters. Generally allowed characters
|
265
|
-
#
|
266
|
-
#
|
271
|
+
# * If you use your tagging schema across multiple services and
|
272
|
+
# resources, remember other services might have restrictions on
|
273
|
+
# allowed characters. Generally allowed characters: letters, spaces,
|
274
|
+
# and numbers representable in UTF-8, plus the following special
|
275
|
+
# characters: + - = . \_ : / @.
|
267
276
|
#
|
268
277
|
#
|
269
278
|
#
|
@@ -280,6 +289,7 @@ module Aws::SecretsManager
|
|
280
289
|
:secret_binary,
|
281
290
|
:secret_string,
|
282
291
|
:tags)
|
292
|
+
SENSITIVE = [:secret_binary, :secret_string]
|
283
293
|
include Aws::Structure
|
284
294
|
end
|
285
295
|
|
@@ -302,8 +312,8 @@ module Aws::SecretsManager
|
|
302
312
|
# @return [String]
|
303
313
|
#
|
304
314
|
# @!attribute [rw] version_id
|
305
|
-
# The unique identifier
|
306
|
-
#
|
315
|
+
# The unique identifier associated with the version of the secret you
|
316
|
+
# just created.
|
307
317
|
# @return [String]
|
308
318
|
#
|
309
319
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/CreateSecretResponse AWS API Documentation
|
@@ -312,6 +322,7 @@ module Aws::SecretsManager
|
|
312
322
|
:arn,
|
313
323
|
:name,
|
314
324
|
:version_id)
|
325
|
+
SENSITIVE = []
|
315
326
|
include Aws::Structure
|
316
327
|
end
|
317
328
|
|
@@ -325,6 +336,7 @@ module Aws::SecretsManager
|
|
325
336
|
#
|
326
337
|
class DecryptionFailure < Struct.new(
|
327
338
|
:message)
|
339
|
+
SENSITIVE = []
|
328
340
|
include Aws::Structure
|
329
341
|
end
|
330
342
|
|
@@ -351,9 +363,15 @@ module Aws::SecretsManager
|
|
351
363
|
# partial ARN, then those characters cause Secrets Manager to assume
|
352
364
|
# that you’re specifying a complete ARN. This confusion can cause
|
353
365
|
# unexpected results. To avoid this situation, we recommend that you
|
354
|
-
# don’t create secret names
|
366
|
+
# don’t create secret names ending with a hyphen followed by six
|
355
367
|
# characters.
|
356
368
|
#
|
369
|
+
# If you specify an incomplete ARN without the random suffix, and
|
370
|
+
# instead provide the 'friendly name', you *must* not include the
|
371
|
+
# random suffix. If you do include the random suffix added by Secrets
|
372
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
373
|
+
# *AccessDeniedException* error, depending on your permissions.
|
374
|
+
#
|
357
375
|
# </note>
|
358
376
|
# @return [String]
|
359
377
|
#
|
@@ -361,6 +379,7 @@ module Aws::SecretsManager
|
|
361
379
|
#
|
362
380
|
class DeleteResourcePolicyRequest < Struct.new(
|
363
381
|
:secret_id)
|
382
|
+
SENSITIVE = []
|
364
383
|
include Aws::Structure
|
365
384
|
end
|
366
385
|
|
@@ -379,6 +398,7 @@ module Aws::SecretsManager
|
|
379
398
|
class DeleteResourcePolicyResponse < Struct.new(
|
380
399
|
:arn,
|
381
400
|
:name)
|
401
|
+
SENSITIVE = []
|
382
402
|
include Aws::Structure
|
383
403
|
end
|
384
404
|
|
@@ -406,9 +426,15 @@ module Aws::SecretsManager
|
|
406
426
|
# partial ARN, then those characters cause Secrets Manager to assume
|
407
427
|
# that you’re specifying a complete ARN. This confusion can cause
|
408
428
|
# unexpected results. To avoid this situation, we recommend that you
|
409
|
-
# don’t create secret names
|
429
|
+
# don’t create secret names ending with a hyphen followed by six
|
410
430
|
# characters.
|
411
431
|
#
|
432
|
+
# If you specify an incomplete ARN without the random suffix, and
|
433
|
+
# instead provide the 'friendly name', you *must* not include the
|
434
|
+
# random suffix. If you do include the random suffix added by Secrets
|
435
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
436
|
+
# *AccessDeniedException* error, depending on your permissions.
|
437
|
+
#
|
412
438
|
# </note>
|
413
439
|
# @return [String]
|
414
440
|
#
|
@@ -445,6 +471,7 @@ module Aws::SecretsManager
|
|
445
471
|
:secret_id,
|
446
472
|
:recovery_window_in_days,
|
447
473
|
:force_delete_without_recovery)
|
474
|
+
SENSITIVE = []
|
448
475
|
include Aws::Structure
|
449
476
|
end
|
450
477
|
|
@@ -469,6 +496,7 @@ module Aws::SecretsManager
|
|
469
496
|
:arn,
|
470
497
|
:name,
|
471
498
|
:deletion_date)
|
499
|
+
SENSITIVE = []
|
472
500
|
include Aws::Structure
|
473
501
|
end
|
474
502
|
|
@@ -495,9 +523,15 @@ module Aws::SecretsManager
|
|
495
523
|
# partial ARN, then those characters cause Secrets Manager to assume
|
496
524
|
# that you’re specifying a complete ARN. This confusion can cause
|
497
525
|
# unexpected results. To avoid this situation, we recommend that you
|
498
|
-
# don’t create secret names
|
526
|
+
# don’t create secret names ending with a hyphen followed by six
|
499
527
|
# characters.
|
500
528
|
#
|
529
|
+
# If you specify an incomplete ARN without the random suffix, and
|
530
|
+
# instead provide the 'friendly name', you *must* not include the
|
531
|
+
# random suffix. If you do include the random suffix added by Secrets
|
532
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
533
|
+
# *AccessDeniedException* error, depending on your permissions.
|
534
|
+
#
|
501
535
|
# </note>
|
502
536
|
# @return [String]
|
503
537
|
#
|
@@ -505,6 +539,7 @@ module Aws::SecretsManager
|
|
505
539
|
#
|
506
540
|
class DescribeSecretRequest < Struct.new(
|
507
541
|
:secret_id)
|
542
|
+
SENSITIVE = []
|
508
543
|
include Aws::Structure
|
509
544
|
end
|
510
545
|
|
@@ -596,6 +631,10 @@ module Aws::SecretsManager
|
|
596
631
|
# Returns the name of the service that created this secret.
|
597
632
|
# @return [String]
|
598
633
|
#
|
634
|
+
# @!attribute [rw] created_date
|
635
|
+
# The date that the secret was created.
|
636
|
+
# @return [Time]
|
637
|
+
#
|
599
638
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/DescribeSecretResponse AWS API Documentation
|
600
639
|
#
|
601
640
|
class DescribeSecretResponse < Struct.new(
|
@@ -612,7 +651,9 @@ module Aws::SecretsManager
|
|
612
651
|
:deleted_date,
|
613
652
|
:tags,
|
614
653
|
:version_ids_to_stages,
|
615
|
-
:owning_service
|
654
|
+
:owning_service,
|
655
|
+
:created_date)
|
656
|
+
SENSITIVE = []
|
616
657
|
include Aws::Structure
|
617
658
|
end
|
618
659
|
|
@@ -632,6 +673,34 @@ module Aws::SecretsManager
|
|
632
673
|
#
|
633
674
|
class EncryptionFailure < Struct.new(
|
634
675
|
:message)
|
676
|
+
SENSITIVE = []
|
677
|
+
include Aws::Structure
|
678
|
+
end
|
679
|
+
|
680
|
+
# Allows you to filter your list of secrets.
|
681
|
+
#
|
682
|
+
# @note When making an API call, you may pass Filter
|
683
|
+
# data as a hash:
|
684
|
+
#
|
685
|
+
# {
|
686
|
+
# key: "description", # accepts description, name, tag-key, tag-value, all
|
687
|
+
# values: ["FilterValueStringType"],
|
688
|
+
# }
|
689
|
+
#
|
690
|
+
# @!attribute [rw] key
|
691
|
+
# Filters your list of secrets by a specific key.
|
692
|
+
# @return [String]
|
693
|
+
#
|
694
|
+
# @!attribute [rw] values
|
695
|
+
# Filters your list of secrets by a specific value.
|
696
|
+
# @return [Array<String>]
|
697
|
+
#
|
698
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/Filter AWS API Documentation
|
699
|
+
#
|
700
|
+
class Filter < Struct.new(
|
701
|
+
:key,
|
702
|
+
:values)
|
703
|
+
SENSITIVE = []
|
635
704
|
include Aws::Structure
|
636
705
|
end
|
637
706
|
|
@@ -715,6 +784,7 @@ module Aws::SecretsManager
|
|
715
784
|
:exclude_lowercase,
|
716
785
|
:include_space,
|
717
786
|
:require_each_included_type)
|
787
|
+
SENSITIVE = []
|
718
788
|
include Aws::Structure
|
719
789
|
end
|
720
790
|
|
@@ -726,6 +796,7 @@ module Aws::SecretsManager
|
|
726
796
|
#
|
727
797
|
class GetRandomPasswordResponse < Struct.new(
|
728
798
|
:random_password)
|
799
|
+
SENSITIVE = [:random_password]
|
729
800
|
include Aws::Structure
|
730
801
|
end
|
731
802
|
|
@@ -752,9 +823,15 @@ module Aws::SecretsManager
|
|
752
823
|
# partial ARN, then those characters cause Secrets Manager to assume
|
753
824
|
# that you’re specifying a complete ARN. This confusion can cause
|
754
825
|
# unexpected results. To avoid this situation, we recommend that you
|
755
|
-
# don’t create secret names
|
826
|
+
# don’t create secret names ending with a hyphen followed by six
|
756
827
|
# characters.
|
757
828
|
#
|
829
|
+
# If you specify an incomplete ARN without the random suffix, and
|
830
|
+
# instead provide the 'friendly name', you *must* not include the
|
831
|
+
# random suffix. If you do include the random suffix added by Secrets
|
832
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
833
|
+
# *AccessDeniedException* error, depending on your permissions.
|
834
|
+
#
|
758
835
|
# </note>
|
759
836
|
# @return [String]
|
760
837
|
#
|
@@ -762,6 +839,7 @@ module Aws::SecretsManager
|
|
762
839
|
#
|
763
840
|
class GetResourcePolicyRequest < Struct.new(
|
764
841
|
:secret_id)
|
842
|
+
SENSITIVE = []
|
765
843
|
include Aws::Structure
|
766
844
|
end
|
767
845
|
|
@@ -795,6 +873,7 @@ module Aws::SecretsManager
|
|
795
873
|
:arn,
|
796
874
|
:name,
|
797
875
|
:resource_policy)
|
876
|
+
SENSITIVE = []
|
798
877
|
include Aws::Structure
|
799
878
|
end
|
800
879
|
|
@@ -823,9 +902,15 @@ module Aws::SecretsManager
|
|
823
902
|
# partial ARN, then those characters cause Secrets Manager to assume
|
824
903
|
# that you’re specifying a complete ARN. This confusion can cause
|
825
904
|
# unexpected results. To avoid this situation, we recommend that you
|
826
|
-
# don’t create secret names
|
905
|
+
# don’t create secret names ending with a hyphen followed by six
|
827
906
|
# characters.
|
828
907
|
#
|
908
|
+
# If you specify an incomplete ARN without the random suffix, and
|
909
|
+
# instead provide the 'friendly name', you *must* not include the
|
910
|
+
# random suffix. If you do include the random suffix added by Secrets
|
911
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
912
|
+
# *AccessDeniedException* error, depending on your permissions.
|
913
|
+
#
|
829
914
|
# </note>
|
830
915
|
# @return [String]
|
831
916
|
#
|
@@ -862,6 +947,7 @@ module Aws::SecretsManager
|
|
862
947
|
:secret_id,
|
863
948
|
:version_id,
|
864
949
|
:version_stage)
|
950
|
+
SENSITIVE = []
|
865
951
|
include Aws::Structure
|
866
952
|
end
|
867
953
|
|
@@ -930,6 +1016,7 @@ module Aws::SecretsManager
|
|
930
1016
|
:secret_string,
|
931
1017
|
:version_stages,
|
932
1018
|
:created_date)
|
1019
|
+
SENSITIVE = [:secret_binary, :secret_string]
|
933
1020
|
include Aws::Structure
|
934
1021
|
end
|
935
1022
|
|
@@ -942,6 +1029,7 @@ module Aws::SecretsManager
|
|
942
1029
|
#
|
943
1030
|
class InternalServiceError < Struct.new(
|
944
1031
|
:message)
|
1032
|
+
SENSITIVE = []
|
945
1033
|
include Aws::Structure
|
946
1034
|
end
|
947
1035
|
|
@@ -954,6 +1042,7 @@ module Aws::SecretsManager
|
|
954
1042
|
#
|
955
1043
|
class InvalidNextTokenException < Struct.new(
|
956
1044
|
:message)
|
1045
|
+
SENSITIVE = []
|
957
1046
|
include Aws::Structure
|
958
1047
|
end
|
959
1048
|
|
@@ -966,6 +1055,7 @@ module Aws::SecretsManager
|
|
966
1055
|
#
|
967
1056
|
class InvalidParameterException < Struct.new(
|
968
1057
|
:message)
|
1058
|
+
SENSITIVE = []
|
969
1059
|
include Aws::Structure
|
970
1060
|
end
|
971
1061
|
|
@@ -988,6 +1078,7 @@ module Aws::SecretsManager
|
|
988
1078
|
#
|
989
1079
|
class InvalidRequestException < Struct.new(
|
990
1080
|
:message)
|
1081
|
+
SENSITIVE = []
|
991
1082
|
include Aws::Structure
|
992
1083
|
end
|
993
1084
|
|
@@ -1001,6 +1092,7 @@ module Aws::SecretsManager
|
|
1001
1092
|
#
|
1002
1093
|
class LimitExceededException < Struct.new(
|
1003
1094
|
:message)
|
1095
|
+
SENSITIVE = []
|
1004
1096
|
include Aws::Structure
|
1005
1097
|
end
|
1006
1098
|
|
@@ -1030,15 +1122,21 @@ module Aws::SecretsManager
|
|
1030
1122
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1031
1123
|
# that you’re specifying a complete ARN. This confusion can cause
|
1032
1124
|
# unexpected results. To avoid this situation, we recommend that you
|
1033
|
-
# don’t create secret names
|
1125
|
+
# don’t create secret names ending with a hyphen followed by six
|
1034
1126
|
# characters.
|
1035
1127
|
#
|
1128
|
+
# If you specify an incomplete ARN without the random suffix, and
|
1129
|
+
# instead provide the 'friendly name', you *must* not include the
|
1130
|
+
# random suffix. If you do include the random suffix added by Secrets
|
1131
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
1132
|
+
# *AccessDeniedException* error, depending on your permissions.
|
1133
|
+
#
|
1036
1134
|
# </note>
|
1037
1135
|
# @return [String]
|
1038
1136
|
#
|
1039
1137
|
# @!attribute [rw] max_results
|
1040
|
-
# (Optional) Limits the number of results
|
1041
|
-
#
|
1138
|
+
# (Optional) Limits the number of results you want to include in the
|
1139
|
+
# response. If you don't include this parameter, it defaults to a
|
1042
1140
|
# value that's specific to the operation. If additional items exist
|
1043
1141
|
# beyond the maximum you specify, the `NextToken` response element is
|
1044
1142
|
# present and has a value (isn't null). Include that value as the
|
@@ -1051,10 +1149,10 @@ module Aws::SecretsManager
|
|
1051
1149
|
#
|
1052
1150
|
# @!attribute [rw] next_token
|
1053
1151
|
# (Optional) Use this parameter in a request if you receive a
|
1054
|
-
# `NextToken` response in a previous request
|
1055
|
-
#
|
1056
|
-
#
|
1057
|
-
#
|
1152
|
+
# `NextToken` response in a previous request indicating there's more
|
1153
|
+
# output available. In a subsequent call, set it to the value of the
|
1154
|
+
# previous call `NextToken` response to indicate where the output
|
1155
|
+
# should continue from.
|
1058
1156
|
# @return [String]
|
1059
1157
|
#
|
1060
1158
|
# @!attribute [rw] include_deprecated
|
@@ -1071,6 +1169,7 @@ module Aws::SecretsManager
|
|
1071
1169
|
:max_results,
|
1072
1170
|
:next_token,
|
1073
1171
|
:include_deprecated)
|
1172
|
+
SENSITIVE = []
|
1074
1173
|
include Aws::Structure
|
1075
1174
|
end
|
1076
1175
|
|
@@ -1081,10 +1180,10 @@ module Aws::SecretsManager
|
|
1081
1180
|
#
|
1082
1181
|
# @!attribute [rw] next_token
|
1083
1182
|
# If present in the response, this value indicates that there's more
|
1084
|
-
# output available than
|
1085
|
-
#
|
1086
|
-
#
|
1087
|
-
#
|
1183
|
+
# output available than included in the current response. This can
|
1184
|
+
# occur even when the response includes no values at all, such as when
|
1185
|
+
# you ask for a filtered view of a very long list. Use this value in
|
1186
|
+
# the `NextToken` request parameter in a subsequent call to the
|
1088
1187
|
# operation to continue processing and get the next part of the
|
1089
1188
|
# output. You should repeat this until the `NextToken` response
|
1090
1189
|
# element comes back empty (as `null`).
|
@@ -1115,6 +1214,7 @@ module Aws::SecretsManager
|
|
1115
1214
|
:next_token,
|
1116
1215
|
:arn,
|
1117
1216
|
:name)
|
1217
|
+
SENSITIVE = []
|
1118
1218
|
include Aws::Structure
|
1119
1219
|
end
|
1120
1220
|
|
@@ -1124,11 +1224,18 @@ module Aws::SecretsManager
|
|
1124
1224
|
# {
|
1125
1225
|
# max_results: 1,
|
1126
1226
|
# next_token: "NextTokenType",
|
1227
|
+
# filters: [
|
1228
|
+
# {
|
1229
|
+
# key: "description", # accepts description, name, tag-key, tag-value, all
|
1230
|
+
# values: ["FilterValueStringType"],
|
1231
|
+
# },
|
1232
|
+
# ],
|
1233
|
+
# sort_order: "asc", # accepts asc, desc
|
1127
1234
|
# }
|
1128
1235
|
#
|
1129
1236
|
# @!attribute [rw] max_results
|
1130
|
-
# (Optional) Limits the number of results
|
1131
|
-
#
|
1237
|
+
# (Optional) Limits the number of results you want to include in the
|
1238
|
+
# response. If you don't include this parameter, it defaults to a
|
1132
1239
|
# value that's specific to the operation. If additional items exist
|
1133
1240
|
# beyond the maximum you specify, the `NextToken` response element is
|
1134
1241
|
# present and has a value (isn't null). Include that value as the
|
@@ -1141,17 +1248,28 @@ module Aws::SecretsManager
|
|
1141
1248
|
#
|
1142
1249
|
# @!attribute [rw] next_token
|
1143
1250
|
# (Optional) Use this parameter in a request if you receive a
|
1144
|
-
# `NextToken` response in a previous request
|
1145
|
-
#
|
1146
|
-
#
|
1147
|
-
#
|
1251
|
+
# `NextToken` response in a previous request indicating there's more
|
1252
|
+
# output available. In a subsequent call, set it to the value of the
|
1253
|
+
# previous call `NextToken` response to indicate where the output
|
1254
|
+
# should continue from.
|
1255
|
+
# @return [String]
|
1256
|
+
#
|
1257
|
+
# @!attribute [rw] filters
|
1258
|
+
# Lists the secret request filters.
|
1259
|
+
# @return [Array<Types::Filter>]
|
1260
|
+
#
|
1261
|
+
# @!attribute [rw] sort_order
|
1262
|
+
# Lists secrets in the requested order.
|
1148
1263
|
# @return [String]
|
1149
1264
|
#
|
1150
1265
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ListSecretsRequest AWS API Documentation
|
1151
1266
|
#
|
1152
1267
|
class ListSecretsRequest < Struct.new(
|
1153
1268
|
:max_results,
|
1154
|
-
:next_token
|
1269
|
+
:next_token,
|
1270
|
+
:filters,
|
1271
|
+
:sort_order)
|
1272
|
+
SENSITIVE = []
|
1155
1273
|
include Aws::Structure
|
1156
1274
|
end
|
1157
1275
|
|
@@ -1161,10 +1279,10 @@ module Aws::SecretsManager
|
|
1161
1279
|
#
|
1162
1280
|
# @!attribute [rw] next_token
|
1163
1281
|
# If present in the response, this value indicates that there's more
|
1164
|
-
# output available than
|
1165
|
-
#
|
1166
|
-
#
|
1167
|
-
#
|
1282
|
+
# output available than included in the current response. This can
|
1283
|
+
# occur even when the response includes no values at all, such as when
|
1284
|
+
# you ask for a filtered view of a very long list. Use this value in
|
1285
|
+
# the `NextToken` request parameter in a subsequent call to the
|
1168
1286
|
# operation to continue processing and get the next part of the
|
1169
1287
|
# output. You should repeat this until the `NextToken` response
|
1170
1288
|
# element comes back empty (as `null`).
|
@@ -1175,6 +1293,7 @@ module Aws::SecretsManager
|
|
1175
1293
|
class ListSecretsResponse < Struct.new(
|
1176
1294
|
:secret_list,
|
1177
1295
|
:next_token)
|
1296
|
+
SENSITIVE = []
|
1178
1297
|
include Aws::Structure
|
1179
1298
|
end
|
1180
1299
|
|
@@ -1187,6 +1306,7 @@ module Aws::SecretsManager
|
|
1187
1306
|
#
|
1188
1307
|
class MalformedPolicyDocumentException < Struct.new(
|
1189
1308
|
:message)
|
1309
|
+
SENSITIVE = []
|
1190
1310
|
include Aws::Structure
|
1191
1311
|
end
|
1192
1312
|
|
@@ -1200,6 +1320,20 @@ module Aws::SecretsManager
|
|
1200
1320
|
#
|
1201
1321
|
class PreconditionNotMetException < Struct.new(
|
1202
1322
|
:message)
|
1323
|
+
SENSITIVE = []
|
1324
|
+
include Aws::Structure
|
1325
|
+
end
|
1326
|
+
|
1327
|
+
# The resource policy did not prevent broad access to the secret.
|
1328
|
+
#
|
1329
|
+
# @!attribute [rw] message
|
1330
|
+
# @return [String]
|
1331
|
+
#
|
1332
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/PublicPolicyException AWS API Documentation
|
1333
|
+
#
|
1334
|
+
class PublicPolicyException < Struct.new(
|
1335
|
+
:message)
|
1336
|
+
SENSITIVE = []
|
1203
1337
|
include Aws::Structure
|
1204
1338
|
end
|
1205
1339
|
|
@@ -1209,6 +1343,7 @@ module Aws::SecretsManager
|
|
1209
1343
|
# {
|
1210
1344
|
# secret_id: "SecretIdType", # required
|
1211
1345
|
# resource_policy: "NonEmptyResourcePolicyType", # required
|
1346
|
+
# block_public_policy: false,
|
1212
1347
|
# }
|
1213
1348
|
#
|
1214
1349
|
# @!attribute [rw] secret_id
|
@@ -1227,9 +1362,15 @@ module Aws::SecretsManager
|
|
1227
1362
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1228
1363
|
# that you’re specifying a complete ARN. This confusion can cause
|
1229
1364
|
# unexpected results. To avoid this situation, we recommend that you
|
1230
|
-
# don’t create secret names
|
1365
|
+
# don’t create secret names ending with a hyphen followed by six
|
1231
1366
|
# characters.
|
1232
1367
|
#
|
1368
|
+
# If you specify an incomplete ARN without the random suffix, and
|
1369
|
+
# instead provide the 'friendly name', you *must* not include the
|
1370
|
+
# random suffix. If you do include the random suffix added by Secrets
|
1371
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
1372
|
+
# *AccessDeniedException* error, depending on your permissions.
|
1373
|
+
#
|
1233
1374
|
# </note>
|
1234
1375
|
# @return [String]
|
1235
1376
|
#
|
@@ -1246,22 +1387,28 @@ module Aws::SecretsManager
|
|
1246
1387
|
# [1]: http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json
|
1247
1388
|
# @return [String]
|
1248
1389
|
#
|
1390
|
+
# @!attribute [rw] block_public_policy
|
1391
|
+
# Makes an optional API call to Zelkova to validate the Resource
|
1392
|
+
# Policy to prevent broad access to your secret.
|
1393
|
+
# @return [Boolean]
|
1394
|
+
#
|
1249
1395
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/PutResourcePolicyRequest AWS API Documentation
|
1250
1396
|
#
|
1251
1397
|
class PutResourcePolicyRequest < Struct.new(
|
1252
1398
|
:secret_id,
|
1253
|
-
:resource_policy
|
1399
|
+
:resource_policy,
|
1400
|
+
:block_public_policy)
|
1401
|
+
SENSITIVE = []
|
1254
1402
|
include Aws::Structure
|
1255
1403
|
end
|
1256
1404
|
|
1257
1405
|
# @!attribute [rw] arn
|
1258
|
-
# The ARN of the secret
|
1259
|
-
# for.
|
1406
|
+
# The ARN of the secret retrieved by the resource-based policy.
|
1260
1407
|
# @return [String]
|
1261
1408
|
#
|
1262
1409
|
# @!attribute [rw] name
|
1263
|
-
# The friendly name of the secret that the
|
1264
|
-
#
|
1410
|
+
# The friendly name of the secret that the retrieved by the
|
1411
|
+
# resource-based policy.
|
1265
1412
|
# @return [String]
|
1266
1413
|
#
|
1267
1414
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/PutResourcePolicyResponse AWS API Documentation
|
@@ -1269,6 +1416,7 @@ module Aws::SecretsManager
|
|
1269
1416
|
class PutResourcePolicyResponse < Struct.new(
|
1270
1417
|
:arn,
|
1271
1418
|
:name)
|
1419
|
+
SENSITIVE = []
|
1272
1420
|
include Aws::Structure
|
1273
1421
|
end
|
1274
1422
|
|
@@ -1299,9 +1447,15 @@ module Aws::SecretsManager
|
|
1299
1447
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1300
1448
|
# that you’re specifying a complete ARN. This confusion can cause
|
1301
1449
|
# unexpected results. To avoid this situation, we recommend that you
|
1302
|
-
# don’t create secret names
|
1450
|
+
# don’t create secret names ending with a hyphen followed by six
|
1303
1451
|
# characters.
|
1304
1452
|
#
|
1453
|
+
# If you specify an incomplete ARN without the random suffix, and
|
1454
|
+
# instead provide the 'friendly name', you *must* not include the
|
1455
|
+
# random suffix. If you do include the random suffix added by Secrets
|
1456
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
1457
|
+
# *AccessDeniedException* error, depending on your permissions.
|
1458
|
+
#
|
1305
1459
|
# </note>
|
1306
1460
|
# @return [String]
|
1307
1461
|
#
|
@@ -1333,7 +1487,7 @@ module Aws::SecretsManager
|
|
1333
1487
|
# the request then the request is ignored (the operation is
|
1334
1488
|
# idempotent).
|
1335
1489
|
#
|
1336
|
-
# * If a version with this value already exists and
|
1490
|
+
# * If a version with this value already exists and the version of the
|
1337
1491
|
# `SecretString` and `SecretBinary` values are different from those
|
1338
1492
|
# in the request then the request fails because you cannot modify an
|
1339
1493
|
# existing secret version. You can only create new versions to store
|
@@ -1418,6 +1572,7 @@ module Aws::SecretsManager
|
|
1418
1572
|
:secret_binary,
|
1419
1573
|
:secret_string,
|
1420
1574
|
:version_stages)
|
1575
|
+
SENSITIVE = [:secret_binary, :secret_string]
|
1421
1576
|
include Aws::Structure
|
1422
1577
|
end
|
1423
1578
|
|
@@ -1449,6 +1604,7 @@ module Aws::SecretsManager
|
|
1449
1604
|
:name,
|
1450
1605
|
:version_id,
|
1451
1606
|
:version_stages)
|
1607
|
+
SENSITIVE = []
|
1452
1608
|
include Aws::Structure
|
1453
1609
|
end
|
1454
1610
|
|
@@ -1461,6 +1617,7 @@ module Aws::SecretsManager
|
|
1461
1617
|
#
|
1462
1618
|
class ResourceExistsException < Struct.new(
|
1463
1619
|
:message)
|
1620
|
+
SENSITIVE = []
|
1464
1621
|
include Aws::Structure
|
1465
1622
|
end
|
1466
1623
|
|
@@ -1473,6 +1630,7 @@ module Aws::SecretsManager
|
|
1473
1630
|
#
|
1474
1631
|
class ResourceNotFoundException < Struct.new(
|
1475
1632
|
:message)
|
1633
|
+
SENSITIVE = []
|
1476
1634
|
include Aws::Structure
|
1477
1635
|
end
|
1478
1636
|
|
@@ -1499,9 +1657,15 @@ module Aws::SecretsManager
|
|
1499
1657
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1500
1658
|
# that you’re specifying a complete ARN. This confusion can cause
|
1501
1659
|
# unexpected results. To avoid this situation, we recommend that you
|
1502
|
-
# don’t create secret names
|
1660
|
+
# don’t create secret names ending with a hyphen followed by six
|
1503
1661
|
# characters.
|
1504
1662
|
#
|
1663
|
+
# If you specify an incomplete ARN without the random suffix, and
|
1664
|
+
# instead provide the 'friendly name', you *must* not include the
|
1665
|
+
# random suffix. If you do include the random suffix added by Secrets
|
1666
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
1667
|
+
# *AccessDeniedException* error, depending on your permissions.
|
1668
|
+
#
|
1505
1669
|
# </note>
|
1506
1670
|
# @return [String]
|
1507
1671
|
#
|
@@ -1509,6 +1673,7 @@ module Aws::SecretsManager
|
|
1509
1673
|
#
|
1510
1674
|
class RestoreSecretRequest < Struct.new(
|
1511
1675
|
:secret_id)
|
1676
|
+
SENSITIVE = []
|
1512
1677
|
include Aws::Structure
|
1513
1678
|
end
|
1514
1679
|
|
@@ -1525,6 +1690,7 @@ module Aws::SecretsManager
|
|
1525
1690
|
class RestoreSecretResponse < Struct.new(
|
1526
1691
|
:arn,
|
1527
1692
|
:name)
|
1693
|
+
SENSITIVE = []
|
1528
1694
|
include Aws::Structure
|
1529
1695
|
end
|
1530
1696
|
|
@@ -1555,9 +1721,15 @@ module Aws::SecretsManager
|
|
1555
1721
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1556
1722
|
# that you’re specifying a complete ARN. This confusion can cause
|
1557
1723
|
# unexpected results. To avoid this situation, we recommend that you
|
1558
|
-
# don’t create secret names
|
1724
|
+
# don’t create secret names ending with a hyphen followed by six
|
1559
1725
|
# characters.
|
1560
1726
|
#
|
1727
|
+
# If you specify an incomplete ARN without the random suffix, and
|
1728
|
+
# instead provide the 'friendly name', you *must* not include the
|
1729
|
+
# random suffix. If you do include the random suffix added by Secrets
|
1730
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
1731
|
+
# *AccessDeniedException* error, depending on your permissions.
|
1732
|
+
#
|
1561
1733
|
# </note>
|
1562
1734
|
# @return [String]
|
1563
1735
|
#
|
@@ -1573,10 +1745,10 @@ module Aws::SecretsManager
|
|
1573
1745
|
# generate a `ClientRequestToken` yourself for new versions and
|
1574
1746
|
# include that value in the request.
|
1575
1747
|
#
|
1576
|
-
# You only need to specify your own value if you
|
1577
|
-
#
|
1578
|
-
#
|
1579
|
-
#
|
1748
|
+
# You only need to specify your own value if you implement your own
|
1749
|
+
# retry logic and want to ensure that a given secret is not created
|
1750
|
+
# twice. We recommend that you generate a [UUID-type][1] value to
|
1751
|
+
# ensure uniqueness within the specified secret.
|
1580
1752
|
#
|
1581
1753
|
# Secrets Manager uses this value to prevent the accidental creation
|
1582
1754
|
# of duplicate versions if there are failures and retries during the
|
@@ -1607,6 +1779,7 @@ module Aws::SecretsManager
|
|
1607
1779
|
:client_request_token,
|
1608
1780
|
:rotation_lambda_arn,
|
1609
1781
|
:rotation_rules)
|
1782
|
+
SENSITIVE = []
|
1610
1783
|
include Aws::Structure
|
1611
1784
|
end
|
1612
1785
|
|
@@ -1629,6 +1802,7 @@ module Aws::SecretsManager
|
|
1629
1802
|
:arn,
|
1630
1803
|
:name,
|
1631
1804
|
:version_id)
|
1805
|
+
SENSITIVE = []
|
1632
1806
|
include Aws::Structure
|
1633
1807
|
end
|
1634
1808
|
|
@@ -1658,6 +1832,7 @@ module Aws::SecretsManager
|
|
1658
1832
|
#
|
1659
1833
|
class RotationRulesType < Struct.new(
|
1660
1834
|
:automatically_after_days)
|
1835
|
+
SENSITIVE = []
|
1661
1836
|
include Aws::Structure
|
1662
1837
|
end
|
1663
1838
|
|
@@ -1688,11 +1863,11 @@ module Aws::SecretsManager
|
|
1688
1863
|
# @return [String]
|
1689
1864
|
#
|
1690
1865
|
# @!attribute [rw] kms_key_id
|
1691
|
-
# The ARN or alias of the AWS KMS customer master key (CMK)
|
1692
|
-
#
|
1693
|
-
#
|
1694
|
-
#
|
1695
|
-
#
|
1866
|
+
# The ARN or alias of the AWS KMS customer master key (CMK) used to
|
1867
|
+
# encrypt the `SecretString` and `SecretBinary` fields in each version
|
1868
|
+
# of the secret. If you don't provide a key, then Secrets Manager
|
1869
|
+
# defaults to encrypting the secret fields with the default KMS CMK,
|
1870
|
+
# the key named `awssecretsmanager`, for this account.
|
1696
1871
|
# @return [String]
|
1697
1872
|
#
|
1698
1873
|
# @!attribute [rw] rotation_enabled
|
@@ -1701,9 +1876,9 @@ module Aws::SecretsManager
|
|
1701
1876
|
# @return [Boolean]
|
1702
1877
|
#
|
1703
1878
|
# @!attribute [rw] rotation_lambda_arn
|
1704
|
-
# The ARN of an AWS Lambda function
|
1705
|
-
#
|
1706
|
-
#
|
1879
|
+
# The ARN of an AWS Lambda function invoked by Secrets Manager to
|
1880
|
+
# rotate and expire the secret either automatically per the schedule
|
1881
|
+
# or manually by a call to RotateSecret.
|
1707
1882
|
# @return [String]
|
1708
1883
|
#
|
1709
1884
|
# @!attribute [rw] rotation_rules
|
@@ -1726,21 +1901,21 @@ module Aws::SecretsManager
|
|
1726
1901
|
# @return [Time]
|
1727
1902
|
#
|
1728
1903
|
# @!attribute [rw] deleted_date
|
1729
|
-
# The date and time
|
1730
|
-
# active secrets. The secret can be recovered until the number of
|
1731
|
-
# in the recovery window has passed, as specified in the
|
1904
|
+
# The date and time the deletion of the secret occurred. Not present
|
1905
|
+
# on active secrets. The secret can be recovered until the number of
|
1906
|
+
# days in the recovery window has passed, as specified in the
|
1732
1907
|
# `RecoveryWindowInDays` parameter of the DeleteSecret operation.
|
1733
1908
|
# @return [Time]
|
1734
1909
|
#
|
1735
1910
|
# @!attribute [rw] tags
|
1736
|
-
# The list of user-defined tags
|
1737
|
-
#
|
1911
|
+
# The list of user-defined tags associated with the secret. To add
|
1912
|
+
# tags to a secret, use TagResource. To remove tags, use
|
1738
1913
|
# UntagResource.
|
1739
1914
|
# @return [Array<Types::Tag>]
|
1740
1915
|
#
|
1741
1916
|
# @!attribute [rw] secret_versions_to_stages
|
1742
1917
|
# A list of all of the currently assigned `SecretVersionStage` staging
|
1743
|
-
# labels and the `SecretVersionId`
|
1918
|
+
# labels and the `SecretVersionId` attached to each one. Staging
|
1744
1919
|
# labels are used to keep track of the different versions during the
|
1745
1920
|
# rotation process.
|
1746
1921
|
#
|
@@ -1755,6 +1930,10 @@ module Aws::SecretsManager
|
|
1755
1930
|
# Returns the name of the service that created the secret.
|
1756
1931
|
# @return [String]
|
1757
1932
|
#
|
1933
|
+
# @!attribute [rw] created_date
|
1934
|
+
# The date and time when a secret was created.
|
1935
|
+
# @return [Time]
|
1936
|
+
#
|
1758
1937
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/SecretListEntry AWS API Documentation
|
1759
1938
|
#
|
1760
1939
|
class SecretListEntry < Struct.new(
|
@@ -1771,7 +1950,9 @@ module Aws::SecretsManager
|
|
1771
1950
|
:deleted_date,
|
1772
1951
|
:tags,
|
1773
1952
|
:secret_versions_to_stages,
|
1774
|
-
:owning_service
|
1953
|
+
:owning_service,
|
1954
|
+
:created_date)
|
1955
|
+
SENSITIVE = []
|
1775
1956
|
include Aws::Structure
|
1776
1957
|
end
|
1777
1958
|
|
@@ -1803,6 +1984,7 @@ module Aws::SecretsManager
|
|
1803
1984
|
:version_stages,
|
1804
1985
|
:last_accessed_date,
|
1805
1986
|
:created_date)
|
1987
|
+
SENSITIVE = []
|
1806
1988
|
include Aws::Structure
|
1807
1989
|
end
|
1808
1990
|
|
@@ -1821,7 +2003,7 @@ module Aws::SecretsManager
|
|
1821
2003
|
# @return [String]
|
1822
2004
|
#
|
1823
2005
|
# @!attribute [rw] value
|
1824
|
-
# The string value
|
2006
|
+
# The string value associated with the key of the tag.
|
1825
2007
|
# @return [String]
|
1826
2008
|
#
|
1827
2009
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/Tag AWS API Documentation
|
@@ -1829,6 +2011,7 @@ module Aws::SecretsManager
|
|
1829
2011
|
class Tag < Struct.new(
|
1830
2012
|
:key,
|
1831
2013
|
:value)
|
2014
|
+
SENSITIVE = []
|
1832
2015
|
include Aws::Structure
|
1833
2016
|
end
|
1834
2017
|
|
@@ -1861,9 +2044,15 @@ module Aws::SecretsManager
|
|
1861
2044
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1862
2045
|
# that you’re specifying a complete ARN. This confusion can cause
|
1863
2046
|
# unexpected results. To avoid this situation, we recommend that you
|
1864
|
-
# don’t create secret names
|
2047
|
+
# don’t create secret names ending with a hyphen followed by six
|
1865
2048
|
# characters.
|
1866
2049
|
#
|
2050
|
+
# If you specify an incomplete ARN without the random suffix, and
|
2051
|
+
# instead provide the 'friendly name', you *must* not include the
|
2052
|
+
# random suffix. If you do include the random suffix added by Secrets
|
2053
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
2054
|
+
# *AccessDeniedException* error, depending on your permissions.
|
2055
|
+
#
|
1867
2056
|
# </note>
|
1868
2057
|
# @return [String]
|
1869
2058
|
#
|
@@ -1888,6 +2077,7 @@ module Aws::SecretsManager
|
|
1888
2077
|
class TagResourceRequest < Struct.new(
|
1889
2078
|
:secret_id,
|
1890
2079
|
:tags)
|
2080
|
+
SENSITIVE = []
|
1891
2081
|
include Aws::Structure
|
1892
2082
|
end
|
1893
2083
|
|
@@ -1915,9 +2105,15 @@ module Aws::SecretsManager
|
|
1915
2105
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1916
2106
|
# that you’re specifying a complete ARN. This confusion can cause
|
1917
2107
|
# unexpected results. To avoid this situation, we recommend that you
|
1918
|
-
# don’t create secret names
|
2108
|
+
# don’t create secret names ending with a hyphen followed by six
|
1919
2109
|
# characters.
|
1920
2110
|
#
|
2111
|
+
# If you specify an incomplete ARN without the random suffix, and
|
2112
|
+
# instead provide the 'friendly name', you *must* not include the
|
2113
|
+
# random suffix. If you do include the random suffix added by Secrets
|
2114
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
2115
|
+
# *AccessDeniedException* error, depending on your permissions.
|
2116
|
+
#
|
1921
2117
|
# </note>
|
1922
2118
|
# @return [String]
|
1923
2119
|
#
|
@@ -1941,6 +2137,7 @@ module Aws::SecretsManager
|
|
1941
2137
|
class UntagResourceRequest < Struct.new(
|
1942
2138
|
:secret_id,
|
1943
2139
|
:tag_keys)
|
2140
|
+
SENSITIVE = []
|
1944
2141
|
include Aws::Structure
|
1945
2142
|
end
|
1946
2143
|
|
@@ -1972,9 +2169,15 @@ module Aws::SecretsManager
|
|
1972
2169
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1973
2170
|
# that you’re specifying a complete ARN. This confusion can cause
|
1974
2171
|
# unexpected results. To avoid this situation, we recommend that you
|
1975
|
-
# don’t create secret names
|
2172
|
+
# don’t create secret names ending with a hyphen followed by six
|
1976
2173
|
# characters.
|
1977
2174
|
#
|
2175
|
+
# If you specify an incomplete ARN without the random suffix, and
|
2176
|
+
# instead provide the 'friendly name', you *must* not include the
|
2177
|
+
# random suffix. If you do include the random suffix added by Secrets
|
2178
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
2179
|
+
# *AccessDeniedException* error, depending on your permissions.
|
2180
|
+
#
|
1978
2181
|
# </note>
|
1979
2182
|
# @return [String]
|
1980
2183
|
#
|
@@ -2096,6 +2299,7 @@ module Aws::SecretsManager
|
|
2096
2299
|
:kms_key_id,
|
2097
2300
|
:secret_binary,
|
2098
2301
|
:secret_string)
|
2302
|
+
SENSITIVE = [:secret_binary, :secret_string]
|
2099
2303
|
include Aws::Structure
|
2100
2304
|
end
|
2101
2305
|
|
@@ -2128,6 +2332,7 @@ module Aws::SecretsManager
|
|
2128
2332
|
:arn,
|
2129
2333
|
:name,
|
2130
2334
|
:version_id)
|
2335
|
+
SENSITIVE = []
|
2131
2336
|
include Aws::Structure
|
2132
2337
|
end
|
2133
2338
|
|
@@ -2142,9 +2347,9 @@ module Aws::SecretsManager
|
|
2142
2347
|
# }
|
2143
2348
|
#
|
2144
2349
|
# @!attribute [rw] secret_id
|
2145
|
-
# Specifies the secret with the version
|
2146
|
-
# you want to modify. You can specify either the Amazon
|
2147
|
-
# (ARN) or the friendly name of the secret.
|
2350
|
+
# Specifies the secret with the version with the list of staging
|
2351
|
+
# labels you want to modify. You can specify either the Amazon
|
2352
|
+
# Resource Name (ARN) or the friendly name of the secret.
|
2148
2353
|
#
|
2149
2354
|
# <note markdown="1"> If you specify an ARN, we generally recommend that you specify a
|
2150
2355
|
# complete ARN. You can specify a partial ARN too—for example, if you
|
@@ -2157,9 +2362,15 @@ module Aws::SecretsManager
|
|
2157
2362
|
# partial ARN, then those characters cause Secrets Manager to assume
|
2158
2363
|
# that you’re specifying a complete ARN. This confusion can cause
|
2159
2364
|
# unexpected results. To avoid this situation, we recommend that you
|
2160
|
-
# don’t create secret names
|
2365
|
+
# don’t create secret names ending with a hyphen followed by six
|
2161
2366
|
# characters.
|
2162
2367
|
#
|
2368
|
+
# If you specify an incomplete ARN without the random suffix, and
|
2369
|
+
# instead provide the 'friendly name', you *must* not include the
|
2370
|
+
# random suffix. If you do include the random suffix added by Secrets
|
2371
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
2372
|
+
# *AccessDeniedException* error, depending on your permissions.
|
2373
|
+
#
|
2163
2374
|
# </note>
|
2164
2375
|
# @return [String]
|
2165
2376
|
#
|
@@ -2179,7 +2390,7 @@ module Aws::SecretsManager
|
|
2179
2390
|
#
|
2180
2391
|
# @!attribute [rw] move_to_version_id
|
2181
2392
|
# (Optional) The secret version ID that you want to add the staging
|
2182
|
-
# label
|
2393
|
+
# label. If you want to remove a label from a version, then do not
|
2183
2394
|
# specify this parameter.
|
2184
2395
|
#
|
2185
2396
|
# If the staging label is already attached to a different version of
|
@@ -2194,16 +2405,16 @@ module Aws::SecretsManager
|
|
2194
2405
|
:version_stage,
|
2195
2406
|
:remove_from_version_id,
|
2196
2407
|
:move_to_version_id)
|
2408
|
+
SENSITIVE = []
|
2197
2409
|
include Aws::Structure
|
2198
2410
|
end
|
2199
2411
|
|
2200
2412
|
# @!attribute [rw] arn
|
2201
|
-
# The ARN of the secret with the staging label
|
2413
|
+
# The ARN of the secret with the modified staging label.
|
2202
2414
|
# @return [String]
|
2203
2415
|
#
|
2204
2416
|
# @!attribute [rw] name
|
2205
|
-
# The friendly name of the secret with the staging label
|
2206
|
-
# modified.
|
2417
|
+
# The friendly name of the secret with the modified staging label.
|
2207
2418
|
# @return [String]
|
2208
2419
|
#
|
2209
2420
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/UpdateSecretVersionStageResponse AWS API Documentation
|
@@ -2211,6 +2422,95 @@ module Aws::SecretsManager
|
|
2211
2422
|
class UpdateSecretVersionStageResponse < Struct.new(
|
2212
2423
|
:arn,
|
2213
2424
|
:name)
|
2425
|
+
SENSITIVE = []
|
2426
|
+
include Aws::Structure
|
2427
|
+
end
|
2428
|
+
|
2429
|
+
# @note When making an API call, you may pass ValidateResourcePolicyRequest
|
2430
|
+
# data as a hash:
|
2431
|
+
#
|
2432
|
+
# {
|
2433
|
+
# secret_id: "SecretIdType",
|
2434
|
+
# resource_policy: "NonEmptyResourcePolicyType", # required
|
2435
|
+
# }
|
2436
|
+
#
|
2437
|
+
# @!attribute [rw] secret_id
|
2438
|
+
# The identifier for the secret that you want to validate a resource
|
2439
|
+
# policy. You can specify either the Amazon Resource Name (ARN) or the
|
2440
|
+
# friendly name of the secret.
|
2441
|
+
#
|
2442
|
+
# <note markdown="1"> If you specify an ARN, we generally recommend that you specify a
|
2443
|
+
# complete ARN. You can specify a partial ARN too—for example, if you
|
2444
|
+
# don’t include the final hyphen and six random characters that
|
2445
|
+
# Secrets Manager adds at the end of the ARN when you created the
|
2446
|
+
# secret. A partial ARN match can work as long as it uniquely matches
|
2447
|
+
# only one secret. However, if your secret has a name that ends in a
|
2448
|
+
# hyphen followed by six characters (before Secrets Manager adds the
|
2449
|
+
# hyphen and six characters to the ARN) and you try to use that as a
|
2450
|
+
# partial ARN, then those characters cause Secrets Manager to assume
|
2451
|
+
# that you’re specifying a complete ARN. This confusion can cause
|
2452
|
+
# unexpected results. To avoid this situation, we recommend that you
|
2453
|
+
# don’t create secret names ending with a hyphen followed by six
|
2454
|
+
# characters.
|
2455
|
+
#
|
2456
|
+
# If you specify an incomplete ARN without the random suffix, and
|
2457
|
+
# instead provide the 'friendly name', you *must* not include the
|
2458
|
+
# random suffix. If you do include the random suffix added by Secrets
|
2459
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
2460
|
+
# *AccessDeniedException* error, depending on your permissions.
|
2461
|
+
#
|
2462
|
+
# </note>
|
2463
|
+
# @return [String]
|
2464
|
+
#
|
2465
|
+
# @!attribute [rw] resource_policy
|
2466
|
+
# Identifies the Resource Policy attached to the secret.
|
2467
|
+
# @return [String]
|
2468
|
+
#
|
2469
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ValidateResourcePolicyRequest AWS API Documentation
|
2470
|
+
#
|
2471
|
+
class ValidateResourcePolicyRequest < Struct.new(
|
2472
|
+
:secret_id,
|
2473
|
+
:resource_policy)
|
2474
|
+
SENSITIVE = []
|
2475
|
+
include Aws::Structure
|
2476
|
+
end
|
2477
|
+
|
2478
|
+
# @!attribute [rw] policy_validation_passed
|
2479
|
+
# Returns a message stating that your Reource Policy passed
|
2480
|
+
# validation.
|
2481
|
+
# @return [Boolean]
|
2482
|
+
#
|
2483
|
+
# @!attribute [rw] validation_errors
|
2484
|
+
# Returns an error message if your policy doesn't pass validatation.
|
2485
|
+
# @return [Array<Types::ValidationErrorsEntry>]
|
2486
|
+
#
|
2487
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ValidateResourcePolicyResponse AWS API Documentation
|
2488
|
+
#
|
2489
|
+
class ValidateResourcePolicyResponse < Struct.new(
|
2490
|
+
:policy_validation_passed,
|
2491
|
+
:validation_errors)
|
2492
|
+
SENSITIVE = []
|
2493
|
+
include Aws::Structure
|
2494
|
+
end
|
2495
|
+
|
2496
|
+
# Displays errors that occurred during validation of the resource
|
2497
|
+
# policy.
|
2498
|
+
#
|
2499
|
+
# @!attribute [rw] check_name
|
2500
|
+
# Checks the name of the policy.
|
2501
|
+
# @return [String]
|
2502
|
+
#
|
2503
|
+
# @!attribute [rw] error_message
|
2504
|
+
# Displays error messages if validation encounters problems during
|
2505
|
+
# validation of the resource policy.
|
2506
|
+
# @return [String]
|
2507
|
+
#
|
2508
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ValidationErrorsEntry AWS API Documentation
|
2509
|
+
#
|
2510
|
+
class ValidationErrorsEntry < Struct.new(
|
2511
|
+
:check_name,
|
2512
|
+
:error_message)
|
2513
|
+
SENSITIVE = []
|
2214
2514
|
include Aws::Structure
|
2215
2515
|
end
|
2216
2516
|
|