aws-sdk-secretsmanager 1.37.1 → 1.42.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/aws-sdk-secretsmanager.rb +5 -2
- data/lib/aws-sdk-secretsmanager/client.rb +398 -194
- data/lib/aws-sdk-secretsmanager/client_api.rb +58 -0
- data/lib/aws-sdk-secretsmanager/errors.rb +18 -0
- data/lib/aws-sdk-secretsmanager/resource.rb +2 -0
- data/lib/aws-sdk-secretsmanager/types.rb +397 -97
- metadata +2 -2
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -36,6 +38,11 @@ module Aws::SecretsManager
|
|
36
38
|
ExcludeNumbersType = Shapes::BooleanShape.new(name: 'ExcludeNumbersType')
|
37
39
|
ExcludePunctuationType = Shapes::BooleanShape.new(name: 'ExcludePunctuationType')
|
38
40
|
ExcludeUppercaseType = Shapes::BooleanShape.new(name: 'ExcludeUppercaseType')
|
41
|
+
Filter = Shapes::StructureShape.new(name: 'Filter')
|
42
|
+
FilterNameStringType = Shapes::StringShape.new(name: 'FilterNameStringType')
|
43
|
+
FilterValueStringType = Shapes::StringShape.new(name: 'FilterValueStringType')
|
44
|
+
FilterValuesStringList = Shapes::ListShape.new(name: 'FilterValuesStringList')
|
45
|
+
FiltersListType = Shapes::ListShape.new(name: 'FiltersListType')
|
39
46
|
GetRandomPasswordRequest = Shapes::StructureShape.new(name: 'GetRandomPasswordRequest')
|
40
47
|
GetRandomPasswordResponse = Shapes::StructureShape.new(name: 'GetRandomPasswordResponse')
|
41
48
|
GetResourcePolicyRequest = Shapes::StructureShape.new(name: 'GetResourcePolicyRequest')
|
@@ -64,6 +71,7 @@ module Aws::SecretsManager
|
|
64
71
|
OwningServiceType = Shapes::StringShape.new(name: 'OwningServiceType')
|
65
72
|
PasswordLengthType = Shapes::IntegerShape.new(name: 'PasswordLengthType')
|
66
73
|
PreconditionNotMetException = Shapes::StructureShape.new(name: 'PreconditionNotMetException')
|
74
|
+
PublicPolicyException = Shapes::StructureShape.new(name: 'PublicPolicyException')
|
67
75
|
PutResourcePolicyRequest = Shapes::StructureShape.new(name: 'PutResourcePolicyRequest')
|
68
76
|
PutResourcePolicyResponse = Shapes::StructureShape.new(name: 'PutResourcePolicyResponse')
|
69
77
|
PutSecretValueRequest = Shapes::StructureShape.new(name: 'PutSecretValueRequest')
|
@@ -93,17 +101,23 @@ module Aws::SecretsManager
|
|
93
101
|
SecretVersionsListEntry = Shapes::StructureShape.new(name: 'SecretVersionsListEntry')
|
94
102
|
SecretVersionsListType = Shapes::ListShape.new(name: 'SecretVersionsListType')
|
95
103
|
SecretVersionsToStagesMapType = Shapes::MapShape.new(name: 'SecretVersionsToStagesMapType')
|
104
|
+
SortOrderType = Shapes::StringShape.new(name: 'SortOrderType')
|
96
105
|
Tag = Shapes::StructureShape.new(name: 'Tag')
|
97
106
|
TagKeyListType = Shapes::ListShape.new(name: 'TagKeyListType')
|
98
107
|
TagKeyType = Shapes::StringShape.new(name: 'TagKeyType')
|
99
108
|
TagListType = Shapes::ListShape.new(name: 'TagListType')
|
100
109
|
TagResourceRequest = Shapes::StructureShape.new(name: 'TagResourceRequest')
|
101
110
|
TagValueType = Shapes::StringShape.new(name: 'TagValueType')
|
111
|
+
TimestampType = Shapes::TimestampShape.new(name: 'TimestampType')
|
102
112
|
UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
|
103
113
|
UpdateSecretRequest = Shapes::StructureShape.new(name: 'UpdateSecretRequest')
|
104
114
|
UpdateSecretResponse = Shapes::StructureShape.new(name: 'UpdateSecretResponse')
|
105
115
|
UpdateSecretVersionStageRequest = Shapes::StructureShape.new(name: 'UpdateSecretVersionStageRequest')
|
106
116
|
UpdateSecretVersionStageResponse = Shapes::StructureShape.new(name: 'UpdateSecretVersionStageResponse')
|
117
|
+
ValidateResourcePolicyRequest = Shapes::StructureShape.new(name: 'ValidateResourcePolicyRequest')
|
118
|
+
ValidateResourcePolicyResponse = Shapes::StructureShape.new(name: 'ValidateResourcePolicyResponse')
|
119
|
+
ValidationErrorsEntry = Shapes::StructureShape.new(name: 'ValidationErrorsEntry')
|
120
|
+
ValidationErrorsType = Shapes::ListShape.new(name: 'ValidationErrorsType')
|
107
121
|
|
108
122
|
CancelRotateSecretRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
|
109
123
|
CancelRotateSecretRequest.struct_class = Types::CancelRotateSecretRequest
|
@@ -164,11 +178,20 @@ module Aws::SecretsManager
|
|
164
178
|
DescribeSecretResponse.add_member(:tags, Shapes::ShapeRef.new(shape: TagListType, location_name: "Tags"))
|
165
179
|
DescribeSecretResponse.add_member(:version_ids_to_stages, Shapes::ShapeRef.new(shape: SecretVersionsToStagesMapType, location_name: "VersionIdsToStages"))
|
166
180
|
DescribeSecretResponse.add_member(:owning_service, Shapes::ShapeRef.new(shape: OwningServiceType, location_name: "OwningService"))
|
181
|
+
DescribeSecretResponse.add_member(:created_date, Shapes::ShapeRef.new(shape: TimestampType, location_name: "CreatedDate", metadata: {"box"=>true}))
|
167
182
|
DescribeSecretResponse.struct_class = Types::DescribeSecretResponse
|
168
183
|
|
169
184
|
EncryptionFailure.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
|
170
185
|
EncryptionFailure.struct_class = Types::EncryptionFailure
|
171
186
|
|
187
|
+
Filter.add_member(:key, Shapes::ShapeRef.new(shape: FilterNameStringType, location_name: "Key"))
|
188
|
+
Filter.add_member(:values, Shapes::ShapeRef.new(shape: FilterValuesStringList, location_name: "Values"))
|
189
|
+
Filter.struct_class = Types::Filter
|
190
|
+
|
191
|
+
FilterValuesStringList.member = Shapes::ShapeRef.new(shape: FilterValueStringType)
|
192
|
+
|
193
|
+
FiltersListType.member = Shapes::ShapeRef.new(shape: Filter)
|
194
|
+
|
172
195
|
GetRandomPasswordRequest.add_member(:password_length, Shapes::ShapeRef.new(shape: PasswordLengthType, location_name: "PasswordLength", metadata: {"box"=>true}))
|
173
196
|
GetRandomPasswordRequest.add_member(:exclude_characters, Shapes::ShapeRef.new(shape: ExcludeCharactersType, location_name: "ExcludeCharacters"))
|
174
197
|
GetRandomPasswordRequest.add_member(:exclude_numbers, Shapes::ShapeRef.new(shape: ExcludeNumbersType, location_name: "ExcludeNumbers", metadata: {"box"=>true}))
|
@@ -233,6 +256,8 @@ module Aws::SecretsManager
|
|
233
256
|
|
234
257
|
ListSecretsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResultsType, location_name: "MaxResults", metadata: {"box"=>true}))
|
235
258
|
ListSecretsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextTokenType, location_name: "NextToken"))
|
259
|
+
ListSecretsRequest.add_member(:filters, Shapes::ShapeRef.new(shape: FiltersListType, location_name: "Filters"))
|
260
|
+
ListSecretsRequest.add_member(:sort_order, Shapes::ShapeRef.new(shape: SortOrderType, location_name: "SortOrder"))
|
236
261
|
ListSecretsRequest.struct_class = Types::ListSecretsRequest
|
237
262
|
|
238
263
|
ListSecretsResponse.add_member(:secret_list, Shapes::ShapeRef.new(shape: SecretListType, location_name: "SecretList"))
|
@@ -245,8 +270,12 @@ module Aws::SecretsManager
|
|
245
270
|
PreconditionNotMetException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
|
246
271
|
PreconditionNotMetException.struct_class = Types::PreconditionNotMetException
|
247
272
|
|
273
|
+
PublicPolicyException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
|
274
|
+
PublicPolicyException.struct_class = Types::PublicPolicyException
|
275
|
+
|
248
276
|
PutResourcePolicyRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
|
249
277
|
PutResourcePolicyRequest.add_member(:resource_policy, Shapes::ShapeRef.new(shape: NonEmptyResourcePolicyType, required: true, location_name: "ResourcePolicy"))
|
278
|
+
PutResourcePolicyRequest.add_member(:block_public_policy, Shapes::ShapeRef.new(shape: BooleanType, location_name: "BlockPublicPolicy", metadata: {"box"=>true}))
|
250
279
|
PutResourcePolicyRequest.struct_class = Types::PutResourcePolicyRequest
|
251
280
|
|
252
281
|
PutResourcePolicyResponse.add_member(:arn, Shapes::ShapeRef.new(shape: SecretARNType, location_name: "ARN"))
|
@@ -307,6 +336,7 @@ module Aws::SecretsManager
|
|
307
336
|
SecretListEntry.add_member(:tags, Shapes::ShapeRef.new(shape: TagListType, location_name: "Tags"))
|
308
337
|
SecretListEntry.add_member(:secret_versions_to_stages, Shapes::ShapeRef.new(shape: SecretVersionsToStagesMapType, location_name: "SecretVersionsToStages"))
|
309
338
|
SecretListEntry.add_member(:owning_service, Shapes::ShapeRef.new(shape: OwningServiceType, location_name: "OwningService"))
|
339
|
+
SecretListEntry.add_member(:created_date, Shapes::ShapeRef.new(shape: TimestampType, location_name: "CreatedDate", metadata: {"box"=>true}))
|
310
340
|
SecretListEntry.struct_class = Types::SecretListEntry
|
311
341
|
|
312
342
|
SecretListType.member = Shapes::ShapeRef.new(shape: SecretListEntry)
|
@@ -363,6 +393,20 @@ module Aws::SecretsManager
|
|
363
393
|
UpdateSecretVersionStageResponse.add_member(:name, Shapes::ShapeRef.new(shape: SecretNameType, location_name: "Name"))
|
364
394
|
UpdateSecretVersionStageResponse.struct_class = Types::UpdateSecretVersionStageResponse
|
365
395
|
|
396
|
+
ValidateResourcePolicyRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, location_name: "SecretId"))
|
397
|
+
ValidateResourcePolicyRequest.add_member(:resource_policy, Shapes::ShapeRef.new(shape: NonEmptyResourcePolicyType, required: true, location_name: "ResourcePolicy"))
|
398
|
+
ValidateResourcePolicyRequest.struct_class = Types::ValidateResourcePolicyRequest
|
399
|
+
|
400
|
+
ValidateResourcePolicyResponse.add_member(:policy_validation_passed, Shapes::ShapeRef.new(shape: BooleanType, location_name: "PolicyValidationPassed"))
|
401
|
+
ValidateResourcePolicyResponse.add_member(:validation_errors, Shapes::ShapeRef.new(shape: ValidationErrorsType, location_name: "ValidationErrors"))
|
402
|
+
ValidateResourcePolicyResponse.struct_class = Types::ValidateResourcePolicyResponse
|
403
|
+
|
404
|
+
ValidationErrorsEntry.add_member(:check_name, Shapes::ShapeRef.new(shape: NameType, location_name: "CheckName"))
|
405
|
+
ValidationErrorsEntry.add_member(:error_message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "ErrorMessage"))
|
406
|
+
ValidationErrorsEntry.struct_class = Types::ValidationErrorsEntry
|
407
|
+
|
408
|
+
ValidationErrorsType.member = Shapes::ShapeRef.new(shape: ValidationErrorsEntry)
|
409
|
+
|
366
410
|
|
367
411
|
# @api private
|
368
412
|
API = Seahorse::Model::Api.new.tap do |api|
|
@@ -524,6 +568,7 @@ module Aws::SecretsManager
|
|
524
568
|
o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
|
525
569
|
o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
|
526
570
|
o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
|
571
|
+
o.errors << Shapes::ShapeRef.new(shape: PublicPolicyException)
|
527
572
|
end)
|
528
573
|
|
529
574
|
api.add_operation(:put_secret_value, Seahorse::Model::Operation.new.tap do |o|
|
@@ -618,6 +663,19 @@ module Aws::SecretsManager
|
|
618
663
|
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
619
664
|
o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
|
620
665
|
end)
|
666
|
+
|
667
|
+
api.add_operation(:validate_resource_policy, Seahorse::Model::Operation.new.tap do |o|
|
668
|
+
o.name = "ValidateResourcePolicy"
|
669
|
+
o.http_method = "POST"
|
670
|
+
o.http_request_uri = "/"
|
671
|
+
o.input = Shapes::ShapeRef.new(shape: ValidateResourcePolicyRequest)
|
672
|
+
o.output = Shapes::ShapeRef.new(shape: ValidateResourcePolicyResponse)
|
673
|
+
o.errors << Shapes::ShapeRef.new(shape: MalformedPolicyDocumentException)
|
674
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
675
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
|
676
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
|
677
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
|
678
|
+
end)
|
621
679
|
end
|
622
680
|
|
623
681
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -34,6 +36,7 @@ module Aws::SecretsManager
|
|
34
36
|
# * {LimitExceededException}
|
35
37
|
# * {MalformedPolicyDocumentException}
|
36
38
|
# * {PreconditionNotMetException}
|
39
|
+
# * {PublicPolicyException}
|
37
40
|
# * {ResourceExistsException}
|
38
41
|
# * {ResourceNotFoundException}
|
39
42
|
#
|
@@ -178,6 +181,21 @@ module Aws::SecretsManager
|
|
178
181
|
end
|
179
182
|
end
|
180
183
|
|
184
|
+
class PublicPolicyException < ServiceError
|
185
|
+
|
186
|
+
# @param [Seahorse::Client::RequestContext] context
|
187
|
+
# @param [String] message
|
188
|
+
# @param [Aws::SecretsManager::Types::PublicPolicyException] data
|
189
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
190
|
+
super(context, message, data)
|
191
|
+
end
|
192
|
+
|
193
|
+
# @return [String]
|
194
|
+
def message
|
195
|
+
@message || @data[:message]
|
196
|
+
end
|
197
|
+
end
|
198
|
+
|
181
199
|
class ResourceExistsException < ServiceError
|
182
200
|
|
183
201
|
# @param [Seahorse::Client::RequestContext] context
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -16,9 +18,9 @@ module Aws::SecretsManager
|
|
16
18
|
# }
|
17
19
|
#
|
18
20
|
# @!attribute [rw] secret_id
|
19
|
-
# Specifies the secret
|
20
|
-
#
|
21
|
-
#
|
21
|
+
# Specifies the secret to cancel a rotation request. You can specify
|
22
|
+
# either the Amazon Resource Name (ARN) or the friendly name of the
|
23
|
+
# secret.
|
22
24
|
#
|
23
25
|
# <note markdown="1"> If you specify an ARN, we generally recommend that you specify a
|
24
26
|
# complete ARN. You can specify a partial ARN too—for example, if you
|
@@ -31,9 +33,15 @@ module Aws::SecretsManager
|
|
31
33
|
# partial ARN, then those characters cause Secrets Manager to assume
|
32
34
|
# that you’re specifying a complete ARN. This confusion can cause
|
33
35
|
# unexpected results. To avoid this situation, we recommend that you
|
34
|
-
# don’t create secret names
|
36
|
+
# don’t create secret names ending with a hyphen followed by six
|
35
37
|
# characters.
|
36
38
|
#
|
39
|
+
# If you specify an incomplete ARN without the random suffix, and
|
40
|
+
# instead provide the 'friendly name', you *must* not include the
|
41
|
+
# random suffix. If you do include the random suffix added by Secrets
|
42
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
43
|
+
# *AccessDeniedException* error, depending on your permissions.
|
44
|
+
#
|
37
45
|
# </note>
|
38
46
|
# @return [String]
|
39
47
|
#
|
@@ -41,6 +49,7 @@ module Aws::SecretsManager
|
|
41
49
|
#
|
42
50
|
class CancelRotateSecretRequest < Struct.new(
|
43
51
|
:secret_id)
|
52
|
+
SENSITIVE = []
|
44
53
|
include Aws::Structure
|
45
54
|
end
|
46
55
|
|
@@ -53,9 +62,9 @@ module Aws::SecretsManager
|
|
53
62
|
# @return [String]
|
54
63
|
#
|
55
64
|
# @!attribute [rw] version_id
|
56
|
-
# The unique identifier of the version of the secret
|
57
|
-
#
|
58
|
-
#
|
65
|
+
# The unique identifier of the version of the secret created during
|
66
|
+
# the rotation. This version might not be complete, and should be
|
67
|
+
# evaluated for possible deletion. At the very least, you should
|
59
68
|
# remove the `VersionStage` value `AWSPENDING` to enable this version
|
60
69
|
# to be deleted. Failing to clean up a cancelled rotation can block
|
61
70
|
# you from successfully starting future rotations.
|
@@ -67,6 +76,7 @@ module Aws::SecretsManager
|
|
67
76
|
:arn,
|
68
77
|
:name,
|
69
78
|
:version_id)
|
79
|
+
SENSITIVE = []
|
70
80
|
include Aws::Structure
|
71
81
|
end
|
72
82
|
|
@@ -94,11 +104,11 @@ module Aws::SecretsManager
|
|
94
104
|
# The secret name must be ASCII letters, digits, or the following
|
95
105
|
# characters : /\_+=.@-
|
96
106
|
#
|
97
|
-
# <note markdown="1">
|
107
|
+
# <note markdown="1"> Do not end your secret name with a hyphen followed by six
|
98
108
|
# characters. If you do so, you risk confusion and unexpected results
|
99
|
-
# when searching for a secret by partial ARN.
|
100
|
-
#
|
101
|
-
#
|
109
|
+
# when searching for a secret by partial ARN. Secrets Manager
|
110
|
+
# automatically adds a hyphen and six random characters at the end of
|
111
|
+
# the ARN.
|
102
112
|
#
|
103
113
|
# </note>
|
104
114
|
# @return [String]
|
@@ -114,7 +124,7 @@ module Aws::SecretsManager
|
|
114
124
|
# in the request. If you don't use the SDK and instead generate a raw
|
115
125
|
# HTTP request to the Secrets Manager service endpoint, then you must
|
116
126
|
# generate a `ClientRequestToken` yourself for the new version and
|
117
|
-
# include
|
127
|
+
# include the value in the request.
|
118
128
|
#
|
119
129
|
# </note>
|
120
130
|
#
|
@@ -127,10 +137,9 @@ module Aws::SecretsManager
|
|
127
137
|
# * If the `ClientRequestToken` value isn't already associated with a
|
128
138
|
# version of the secret then a new version of the secret is created.
|
129
139
|
#
|
130
|
-
# * If a version with this value already exists and
|
140
|
+
# * If a version with this value already exists and the version
|
131
141
|
# `SecretString` and `SecretBinary` values are the same as those in
|
132
|
-
# the request, then the request is ignored
|
133
|
-
# idempotent).
|
142
|
+
# the request, then the request is ignored.
|
134
143
|
#
|
135
144
|
# * If a version with this value already exists and that version's
|
136
145
|
# `SecretString` and `SecretBinary` values are different from those
|
@@ -168,9 +177,9 @@ module Aws::SecretsManager
|
|
168
177
|
# first time it needs to encrypt a version's `SecretString` or
|
169
178
|
# `SecretBinary` fields.
|
170
179
|
#
|
171
|
-
# You can use the account
|
172
|
-
#
|
173
|
-
#
|
180
|
+
# You can use the account default CMK to encrypt and decrypt only if
|
181
|
+
# you call this operation using credentials from the same account that
|
182
|
+
# owns the secret. If the secret resides in a different account, then
|
174
183
|
# you must create a custom CMK and specify the ARN in this field.
|
175
184
|
# @return [String]
|
176
185
|
#
|
@@ -207,7 +216,7 @@ module Aws::SecretsManager
|
|
207
216
|
# environments, see [Using JSON for Parameters][1] in the *AWS CLI
|
208
217
|
# User Guide*. For example:
|
209
218
|
#
|
210
|
-
#
|
219
|
+
# `\{"username":"bob","password":"abc123xyz456"\}`
|
211
220
|
#
|
212
221
|
# If your command-line tool or SDK requires quotation marks around the
|
213
222
|
# parameter, you should use single quotes to avoid confusion with the
|
@@ -255,15 +264,15 @@ module Aws::SecretsManager
|
|
255
264
|
# * Tag keys and values are case sensitive.
|
256
265
|
#
|
257
266
|
# * Do not use the `aws:` prefix in your tag names or values because
|
258
|
-
#
|
259
|
-
# values with this prefix. Tags with this prefix do not count
|
267
|
+
# AWS reserves it for AWS use. You can't edit or delete tag names
|
268
|
+
# or values with this prefix. Tags with this prefix do not count
|
260
269
|
# against your tags per secret limit.
|
261
270
|
#
|
262
|
-
# * If your tagging schema
|
263
|
-
# resources, remember
|
264
|
-
# allowed characters. Generally allowed characters
|
265
|
-
#
|
266
|
-
#
|
271
|
+
# * If you use your tagging schema across multiple services and
|
272
|
+
# resources, remember other services might have restrictions on
|
273
|
+
# allowed characters. Generally allowed characters: letters, spaces,
|
274
|
+
# and numbers representable in UTF-8, plus the following special
|
275
|
+
# characters: + - = . \_ : / @.
|
267
276
|
#
|
268
277
|
#
|
269
278
|
#
|
@@ -280,6 +289,7 @@ module Aws::SecretsManager
|
|
280
289
|
:secret_binary,
|
281
290
|
:secret_string,
|
282
291
|
:tags)
|
292
|
+
SENSITIVE = [:secret_binary, :secret_string]
|
283
293
|
include Aws::Structure
|
284
294
|
end
|
285
295
|
|
@@ -302,8 +312,8 @@ module Aws::SecretsManager
|
|
302
312
|
# @return [String]
|
303
313
|
#
|
304
314
|
# @!attribute [rw] version_id
|
305
|
-
# The unique identifier
|
306
|
-
#
|
315
|
+
# The unique identifier associated with the version of the secret you
|
316
|
+
# just created.
|
307
317
|
# @return [String]
|
308
318
|
#
|
309
319
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/CreateSecretResponse AWS API Documentation
|
@@ -312,6 +322,7 @@ module Aws::SecretsManager
|
|
312
322
|
:arn,
|
313
323
|
:name,
|
314
324
|
:version_id)
|
325
|
+
SENSITIVE = []
|
315
326
|
include Aws::Structure
|
316
327
|
end
|
317
328
|
|
@@ -325,6 +336,7 @@ module Aws::SecretsManager
|
|
325
336
|
#
|
326
337
|
class DecryptionFailure < Struct.new(
|
327
338
|
:message)
|
339
|
+
SENSITIVE = []
|
328
340
|
include Aws::Structure
|
329
341
|
end
|
330
342
|
|
@@ -351,9 +363,15 @@ module Aws::SecretsManager
|
|
351
363
|
# partial ARN, then those characters cause Secrets Manager to assume
|
352
364
|
# that you’re specifying a complete ARN. This confusion can cause
|
353
365
|
# unexpected results. To avoid this situation, we recommend that you
|
354
|
-
# don’t create secret names
|
366
|
+
# don’t create secret names ending with a hyphen followed by six
|
355
367
|
# characters.
|
356
368
|
#
|
369
|
+
# If you specify an incomplete ARN without the random suffix, and
|
370
|
+
# instead provide the 'friendly name', you *must* not include the
|
371
|
+
# random suffix. If you do include the random suffix added by Secrets
|
372
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
373
|
+
# *AccessDeniedException* error, depending on your permissions.
|
374
|
+
#
|
357
375
|
# </note>
|
358
376
|
# @return [String]
|
359
377
|
#
|
@@ -361,6 +379,7 @@ module Aws::SecretsManager
|
|
361
379
|
#
|
362
380
|
class DeleteResourcePolicyRequest < Struct.new(
|
363
381
|
:secret_id)
|
382
|
+
SENSITIVE = []
|
364
383
|
include Aws::Structure
|
365
384
|
end
|
366
385
|
|
@@ -379,6 +398,7 @@ module Aws::SecretsManager
|
|
379
398
|
class DeleteResourcePolicyResponse < Struct.new(
|
380
399
|
:arn,
|
381
400
|
:name)
|
401
|
+
SENSITIVE = []
|
382
402
|
include Aws::Structure
|
383
403
|
end
|
384
404
|
|
@@ -406,9 +426,15 @@ module Aws::SecretsManager
|
|
406
426
|
# partial ARN, then those characters cause Secrets Manager to assume
|
407
427
|
# that you’re specifying a complete ARN. This confusion can cause
|
408
428
|
# unexpected results. To avoid this situation, we recommend that you
|
409
|
-
# don’t create secret names
|
429
|
+
# don’t create secret names ending with a hyphen followed by six
|
410
430
|
# characters.
|
411
431
|
#
|
432
|
+
# If you specify an incomplete ARN without the random suffix, and
|
433
|
+
# instead provide the 'friendly name', you *must* not include the
|
434
|
+
# random suffix. If you do include the random suffix added by Secrets
|
435
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
436
|
+
# *AccessDeniedException* error, depending on your permissions.
|
437
|
+
#
|
412
438
|
# </note>
|
413
439
|
# @return [String]
|
414
440
|
#
|
@@ -445,6 +471,7 @@ module Aws::SecretsManager
|
|
445
471
|
:secret_id,
|
446
472
|
:recovery_window_in_days,
|
447
473
|
:force_delete_without_recovery)
|
474
|
+
SENSITIVE = []
|
448
475
|
include Aws::Structure
|
449
476
|
end
|
450
477
|
|
@@ -469,6 +496,7 @@ module Aws::SecretsManager
|
|
469
496
|
:arn,
|
470
497
|
:name,
|
471
498
|
:deletion_date)
|
499
|
+
SENSITIVE = []
|
472
500
|
include Aws::Structure
|
473
501
|
end
|
474
502
|
|
@@ -495,9 +523,15 @@ module Aws::SecretsManager
|
|
495
523
|
# partial ARN, then those characters cause Secrets Manager to assume
|
496
524
|
# that you’re specifying a complete ARN. This confusion can cause
|
497
525
|
# unexpected results. To avoid this situation, we recommend that you
|
498
|
-
# don’t create secret names
|
526
|
+
# don’t create secret names ending with a hyphen followed by six
|
499
527
|
# characters.
|
500
528
|
#
|
529
|
+
# If you specify an incomplete ARN without the random suffix, and
|
530
|
+
# instead provide the 'friendly name', you *must* not include the
|
531
|
+
# random suffix. If you do include the random suffix added by Secrets
|
532
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
533
|
+
# *AccessDeniedException* error, depending on your permissions.
|
534
|
+
#
|
501
535
|
# </note>
|
502
536
|
# @return [String]
|
503
537
|
#
|
@@ -505,6 +539,7 @@ module Aws::SecretsManager
|
|
505
539
|
#
|
506
540
|
class DescribeSecretRequest < Struct.new(
|
507
541
|
:secret_id)
|
542
|
+
SENSITIVE = []
|
508
543
|
include Aws::Structure
|
509
544
|
end
|
510
545
|
|
@@ -596,6 +631,10 @@ module Aws::SecretsManager
|
|
596
631
|
# Returns the name of the service that created this secret.
|
597
632
|
# @return [String]
|
598
633
|
#
|
634
|
+
# @!attribute [rw] created_date
|
635
|
+
# The date that the secret was created.
|
636
|
+
# @return [Time]
|
637
|
+
#
|
599
638
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/DescribeSecretResponse AWS API Documentation
|
600
639
|
#
|
601
640
|
class DescribeSecretResponse < Struct.new(
|
@@ -612,7 +651,9 @@ module Aws::SecretsManager
|
|
612
651
|
:deleted_date,
|
613
652
|
:tags,
|
614
653
|
:version_ids_to_stages,
|
615
|
-
:owning_service
|
654
|
+
:owning_service,
|
655
|
+
:created_date)
|
656
|
+
SENSITIVE = []
|
616
657
|
include Aws::Structure
|
617
658
|
end
|
618
659
|
|
@@ -632,6 +673,34 @@ module Aws::SecretsManager
|
|
632
673
|
#
|
633
674
|
class EncryptionFailure < Struct.new(
|
634
675
|
:message)
|
676
|
+
SENSITIVE = []
|
677
|
+
include Aws::Structure
|
678
|
+
end
|
679
|
+
|
680
|
+
# Allows you to filter your list of secrets.
|
681
|
+
#
|
682
|
+
# @note When making an API call, you may pass Filter
|
683
|
+
# data as a hash:
|
684
|
+
#
|
685
|
+
# {
|
686
|
+
# key: "description", # accepts description, name, tag-key, tag-value, all
|
687
|
+
# values: ["FilterValueStringType"],
|
688
|
+
# }
|
689
|
+
#
|
690
|
+
# @!attribute [rw] key
|
691
|
+
# Filters your list of secrets by a specific key.
|
692
|
+
# @return [String]
|
693
|
+
#
|
694
|
+
# @!attribute [rw] values
|
695
|
+
# Filters your list of secrets by a specific value.
|
696
|
+
# @return [Array<String>]
|
697
|
+
#
|
698
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/Filter AWS API Documentation
|
699
|
+
#
|
700
|
+
class Filter < Struct.new(
|
701
|
+
:key,
|
702
|
+
:values)
|
703
|
+
SENSITIVE = []
|
635
704
|
include Aws::Structure
|
636
705
|
end
|
637
706
|
|
@@ -715,6 +784,7 @@ module Aws::SecretsManager
|
|
715
784
|
:exclude_lowercase,
|
716
785
|
:include_space,
|
717
786
|
:require_each_included_type)
|
787
|
+
SENSITIVE = []
|
718
788
|
include Aws::Structure
|
719
789
|
end
|
720
790
|
|
@@ -726,6 +796,7 @@ module Aws::SecretsManager
|
|
726
796
|
#
|
727
797
|
class GetRandomPasswordResponse < Struct.new(
|
728
798
|
:random_password)
|
799
|
+
SENSITIVE = [:random_password]
|
729
800
|
include Aws::Structure
|
730
801
|
end
|
731
802
|
|
@@ -752,9 +823,15 @@ module Aws::SecretsManager
|
|
752
823
|
# partial ARN, then those characters cause Secrets Manager to assume
|
753
824
|
# that you’re specifying a complete ARN. This confusion can cause
|
754
825
|
# unexpected results. To avoid this situation, we recommend that you
|
755
|
-
# don’t create secret names
|
826
|
+
# don’t create secret names ending with a hyphen followed by six
|
756
827
|
# characters.
|
757
828
|
#
|
829
|
+
# If you specify an incomplete ARN without the random suffix, and
|
830
|
+
# instead provide the 'friendly name', you *must* not include the
|
831
|
+
# random suffix. If you do include the random suffix added by Secrets
|
832
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
833
|
+
# *AccessDeniedException* error, depending on your permissions.
|
834
|
+
#
|
758
835
|
# </note>
|
759
836
|
# @return [String]
|
760
837
|
#
|
@@ -762,6 +839,7 @@ module Aws::SecretsManager
|
|
762
839
|
#
|
763
840
|
class GetResourcePolicyRequest < Struct.new(
|
764
841
|
:secret_id)
|
842
|
+
SENSITIVE = []
|
765
843
|
include Aws::Structure
|
766
844
|
end
|
767
845
|
|
@@ -795,6 +873,7 @@ module Aws::SecretsManager
|
|
795
873
|
:arn,
|
796
874
|
:name,
|
797
875
|
:resource_policy)
|
876
|
+
SENSITIVE = []
|
798
877
|
include Aws::Structure
|
799
878
|
end
|
800
879
|
|
@@ -823,9 +902,15 @@ module Aws::SecretsManager
|
|
823
902
|
# partial ARN, then those characters cause Secrets Manager to assume
|
824
903
|
# that you’re specifying a complete ARN. This confusion can cause
|
825
904
|
# unexpected results. To avoid this situation, we recommend that you
|
826
|
-
# don’t create secret names
|
905
|
+
# don’t create secret names ending with a hyphen followed by six
|
827
906
|
# characters.
|
828
907
|
#
|
908
|
+
# If you specify an incomplete ARN without the random suffix, and
|
909
|
+
# instead provide the 'friendly name', you *must* not include the
|
910
|
+
# random suffix. If you do include the random suffix added by Secrets
|
911
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
912
|
+
# *AccessDeniedException* error, depending on your permissions.
|
913
|
+
#
|
829
914
|
# </note>
|
830
915
|
# @return [String]
|
831
916
|
#
|
@@ -862,6 +947,7 @@ module Aws::SecretsManager
|
|
862
947
|
:secret_id,
|
863
948
|
:version_id,
|
864
949
|
:version_stage)
|
950
|
+
SENSITIVE = []
|
865
951
|
include Aws::Structure
|
866
952
|
end
|
867
953
|
|
@@ -930,6 +1016,7 @@ module Aws::SecretsManager
|
|
930
1016
|
:secret_string,
|
931
1017
|
:version_stages,
|
932
1018
|
:created_date)
|
1019
|
+
SENSITIVE = [:secret_binary, :secret_string]
|
933
1020
|
include Aws::Structure
|
934
1021
|
end
|
935
1022
|
|
@@ -942,6 +1029,7 @@ module Aws::SecretsManager
|
|
942
1029
|
#
|
943
1030
|
class InternalServiceError < Struct.new(
|
944
1031
|
:message)
|
1032
|
+
SENSITIVE = []
|
945
1033
|
include Aws::Structure
|
946
1034
|
end
|
947
1035
|
|
@@ -954,6 +1042,7 @@ module Aws::SecretsManager
|
|
954
1042
|
#
|
955
1043
|
class InvalidNextTokenException < Struct.new(
|
956
1044
|
:message)
|
1045
|
+
SENSITIVE = []
|
957
1046
|
include Aws::Structure
|
958
1047
|
end
|
959
1048
|
|
@@ -966,6 +1055,7 @@ module Aws::SecretsManager
|
|
966
1055
|
#
|
967
1056
|
class InvalidParameterException < Struct.new(
|
968
1057
|
:message)
|
1058
|
+
SENSITIVE = []
|
969
1059
|
include Aws::Structure
|
970
1060
|
end
|
971
1061
|
|
@@ -988,6 +1078,7 @@ module Aws::SecretsManager
|
|
988
1078
|
#
|
989
1079
|
class InvalidRequestException < Struct.new(
|
990
1080
|
:message)
|
1081
|
+
SENSITIVE = []
|
991
1082
|
include Aws::Structure
|
992
1083
|
end
|
993
1084
|
|
@@ -1001,6 +1092,7 @@ module Aws::SecretsManager
|
|
1001
1092
|
#
|
1002
1093
|
class LimitExceededException < Struct.new(
|
1003
1094
|
:message)
|
1095
|
+
SENSITIVE = []
|
1004
1096
|
include Aws::Structure
|
1005
1097
|
end
|
1006
1098
|
|
@@ -1030,15 +1122,21 @@ module Aws::SecretsManager
|
|
1030
1122
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1031
1123
|
# that you’re specifying a complete ARN. This confusion can cause
|
1032
1124
|
# unexpected results. To avoid this situation, we recommend that you
|
1033
|
-
# don’t create secret names
|
1125
|
+
# don’t create secret names ending with a hyphen followed by six
|
1034
1126
|
# characters.
|
1035
1127
|
#
|
1128
|
+
# If you specify an incomplete ARN without the random suffix, and
|
1129
|
+
# instead provide the 'friendly name', you *must* not include the
|
1130
|
+
# random suffix. If you do include the random suffix added by Secrets
|
1131
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
1132
|
+
# *AccessDeniedException* error, depending on your permissions.
|
1133
|
+
#
|
1036
1134
|
# </note>
|
1037
1135
|
# @return [String]
|
1038
1136
|
#
|
1039
1137
|
# @!attribute [rw] max_results
|
1040
|
-
# (Optional) Limits the number of results
|
1041
|
-
#
|
1138
|
+
# (Optional) Limits the number of results you want to include in the
|
1139
|
+
# response. If you don't include this parameter, it defaults to a
|
1042
1140
|
# value that's specific to the operation. If additional items exist
|
1043
1141
|
# beyond the maximum you specify, the `NextToken` response element is
|
1044
1142
|
# present and has a value (isn't null). Include that value as the
|
@@ -1051,10 +1149,10 @@ module Aws::SecretsManager
|
|
1051
1149
|
#
|
1052
1150
|
# @!attribute [rw] next_token
|
1053
1151
|
# (Optional) Use this parameter in a request if you receive a
|
1054
|
-
# `NextToken` response in a previous request
|
1055
|
-
#
|
1056
|
-
#
|
1057
|
-
#
|
1152
|
+
# `NextToken` response in a previous request indicating there's more
|
1153
|
+
# output available. In a subsequent call, set it to the value of the
|
1154
|
+
# previous call `NextToken` response to indicate where the output
|
1155
|
+
# should continue from.
|
1058
1156
|
# @return [String]
|
1059
1157
|
#
|
1060
1158
|
# @!attribute [rw] include_deprecated
|
@@ -1071,6 +1169,7 @@ module Aws::SecretsManager
|
|
1071
1169
|
:max_results,
|
1072
1170
|
:next_token,
|
1073
1171
|
:include_deprecated)
|
1172
|
+
SENSITIVE = []
|
1074
1173
|
include Aws::Structure
|
1075
1174
|
end
|
1076
1175
|
|
@@ -1081,10 +1180,10 @@ module Aws::SecretsManager
|
|
1081
1180
|
#
|
1082
1181
|
# @!attribute [rw] next_token
|
1083
1182
|
# If present in the response, this value indicates that there's more
|
1084
|
-
# output available than
|
1085
|
-
#
|
1086
|
-
#
|
1087
|
-
#
|
1183
|
+
# output available than included in the current response. This can
|
1184
|
+
# occur even when the response includes no values at all, such as when
|
1185
|
+
# you ask for a filtered view of a very long list. Use this value in
|
1186
|
+
# the `NextToken` request parameter in a subsequent call to the
|
1088
1187
|
# operation to continue processing and get the next part of the
|
1089
1188
|
# output. You should repeat this until the `NextToken` response
|
1090
1189
|
# element comes back empty (as `null`).
|
@@ -1115,6 +1214,7 @@ module Aws::SecretsManager
|
|
1115
1214
|
:next_token,
|
1116
1215
|
:arn,
|
1117
1216
|
:name)
|
1217
|
+
SENSITIVE = []
|
1118
1218
|
include Aws::Structure
|
1119
1219
|
end
|
1120
1220
|
|
@@ -1124,11 +1224,18 @@ module Aws::SecretsManager
|
|
1124
1224
|
# {
|
1125
1225
|
# max_results: 1,
|
1126
1226
|
# next_token: "NextTokenType",
|
1227
|
+
# filters: [
|
1228
|
+
# {
|
1229
|
+
# key: "description", # accepts description, name, tag-key, tag-value, all
|
1230
|
+
# values: ["FilterValueStringType"],
|
1231
|
+
# },
|
1232
|
+
# ],
|
1233
|
+
# sort_order: "asc", # accepts asc, desc
|
1127
1234
|
# }
|
1128
1235
|
#
|
1129
1236
|
# @!attribute [rw] max_results
|
1130
|
-
# (Optional) Limits the number of results
|
1131
|
-
#
|
1237
|
+
# (Optional) Limits the number of results you want to include in the
|
1238
|
+
# response. If you don't include this parameter, it defaults to a
|
1132
1239
|
# value that's specific to the operation. If additional items exist
|
1133
1240
|
# beyond the maximum you specify, the `NextToken` response element is
|
1134
1241
|
# present and has a value (isn't null). Include that value as the
|
@@ -1141,17 +1248,28 @@ module Aws::SecretsManager
|
|
1141
1248
|
#
|
1142
1249
|
# @!attribute [rw] next_token
|
1143
1250
|
# (Optional) Use this parameter in a request if you receive a
|
1144
|
-
# `NextToken` response in a previous request
|
1145
|
-
#
|
1146
|
-
#
|
1147
|
-
#
|
1251
|
+
# `NextToken` response in a previous request indicating there's more
|
1252
|
+
# output available. In a subsequent call, set it to the value of the
|
1253
|
+
# previous call `NextToken` response to indicate where the output
|
1254
|
+
# should continue from.
|
1255
|
+
# @return [String]
|
1256
|
+
#
|
1257
|
+
# @!attribute [rw] filters
|
1258
|
+
# Lists the secret request filters.
|
1259
|
+
# @return [Array<Types::Filter>]
|
1260
|
+
#
|
1261
|
+
# @!attribute [rw] sort_order
|
1262
|
+
# Lists secrets in the requested order.
|
1148
1263
|
# @return [String]
|
1149
1264
|
#
|
1150
1265
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ListSecretsRequest AWS API Documentation
|
1151
1266
|
#
|
1152
1267
|
class ListSecretsRequest < Struct.new(
|
1153
1268
|
:max_results,
|
1154
|
-
:next_token
|
1269
|
+
:next_token,
|
1270
|
+
:filters,
|
1271
|
+
:sort_order)
|
1272
|
+
SENSITIVE = []
|
1155
1273
|
include Aws::Structure
|
1156
1274
|
end
|
1157
1275
|
|
@@ -1161,10 +1279,10 @@ module Aws::SecretsManager
|
|
1161
1279
|
#
|
1162
1280
|
# @!attribute [rw] next_token
|
1163
1281
|
# If present in the response, this value indicates that there's more
|
1164
|
-
# output available than
|
1165
|
-
#
|
1166
|
-
#
|
1167
|
-
#
|
1282
|
+
# output available than included in the current response. This can
|
1283
|
+
# occur even when the response includes no values at all, such as when
|
1284
|
+
# you ask for a filtered view of a very long list. Use this value in
|
1285
|
+
# the `NextToken` request parameter in a subsequent call to the
|
1168
1286
|
# operation to continue processing and get the next part of the
|
1169
1287
|
# output. You should repeat this until the `NextToken` response
|
1170
1288
|
# element comes back empty (as `null`).
|
@@ -1175,6 +1293,7 @@ module Aws::SecretsManager
|
|
1175
1293
|
class ListSecretsResponse < Struct.new(
|
1176
1294
|
:secret_list,
|
1177
1295
|
:next_token)
|
1296
|
+
SENSITIVE = []
|
1178
1297
|
include Aws::Structure
|
1179
1298
|
end
|
1180
1299
|
|
@@ -1187,6 +1306,7 @@ module Aws::SecretsManager
|
|
1187
1306
|
#
|
1188
1307
|
class MalformedPolicyDocumentException < Struct.new(
|
1189
1308
|
:message)
|
1309
|
+
SENSITIVE = []
|
1190
1310
|
include Aws::Structure
|
1191
1311
|
end
|
1192
1312
|
|
@@ -1200,6 +1320,20 @@ module Aws::SecretsManager
|
|
1200
1320
|
#
|
1201
1321
|
class PreconditionNotMetException < Struct.new(
|
1202
1322
|
:message)
|
1323
|
+
SENSITIVE = []
|
1324
|
+
include Aws::Structure
|
1325
|
+
end
|
1326
|
+
|
1327
|
+
# The resource policy did not prevent broad access to the secret.
|
1328
|
+
#
|
1329
|
+
# @!attribute [rw] message
|
1330
|
+
# @return [String]
|
1331
|
+
#
|
1332
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/PublicPolicyException AWS API Documentation
|
1333
|
+
#
|
1334
|
+
class PublicPolicyException < Struct.new(
|
1335
|
+
:message)
|
1336
|
+
SENSITIVE = []
|
1203
1337
|
include Aws::Structure
|
1204
1338
|
end
|
1205
1339
|
|
@@ -1209,6 +1343,7 @@ module Aws::SecretsManager
|
|
1209
1343
|
# {
|
1210
1344
|
# secret_id: "SecretIdType", # required
|
1211
1345
|
# resource_policy: "NonEmptyResourcePolicyType", # required
|
1346
|
+
# block_public_policy: false,
|
1212
1347
|
# }
|
1213
1348
|
#
|
1214
1349
|
# @!attribute [rw] secret_id
|
@@ -1227,9 +1362,15 @@ module Aws::SecretsManager
|
|
1227
1362
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1228
1363
|
# that you’re specifying a complete ARN. This confusion can cause
|
1229
1364
|
# unexpected results. To avoid this situation, we recommend that you
|
1230
|
-
# don’t create secret names
|
1365
|
+
# don’t create secret names ending with a hyphen followed by six
|
1231
1366
|
# characters.
|
1232
1367
|
#
|
1368
|
+
# If you specify an incomplete ARN without the random suffix, and
|
1369
|
+
# instead provide the 'friendly name', you *must* not include the
|
1370
|
+
# random suffix. If you do include the random suffix added by Secrets
|
1371
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
1372
|
+
# *AccessDeniedException* error, depending on your permissions.
|
1373
|
+
#
|
1233
1374
|
# </note>
|
1234
1375
|
# @return [String]
|
1235
1376
|
#
|
@@ -1246,22 +1387,28 @@ module Aws::SecretsManager
|
|
1246
1387
|
# [1]: http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json
|
1247
1388
|
# @return [String]
|
1248
1389
|
#
|
1390
|
+
# @!attribute [rw] block_public_policy
|
1391
|
+
# Makes an optional API call to Zelkova to validate the Resource
|
1392
|
+
# Policy to prevent broad access to your secret.
|
1393
|
+
# @return [Boolean]
|
1394
|
+
#
|
1249
1395
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/PutResourcePolicyRequest AWS API Documentation
|
1250
1396
|
#
|
1251
1397
|
class PutResourcePolicyRequest < Struct.new(
|
1252
1398
|
:secret_id,
|
1253
|
-
:resource_policy
|
1399
|
+
:resource_policy,
|
1400
|
+
:block_public_policy)
|
1401
|
+
SENSITIVE = []
|
1254
1402
|
include Aws::Structure
|
1255
1403
|
end
|
1256
1404
|
|
1257
1405
|
# @!attribute [rw] arn
|
1258
|
-
# The ARN of the secret
|
1259
|
-
# for.
|
1406
|
+
# The ARN of the secret retrieved by the resource-based policy.
|
1260
1407
|
# @return [String]
|
1261
1408
|
#
|
1262
1409
|
# @!attribute [rw] name
|
1263
|
-
# The friendly name of the secret that the
|
1264
|
-
#
|
1410
|
+
# The friendly name of the secret that the retrieved by the
|
1411
|
+
# resource-based policy.
|
1265
1412
|
# @return [String]
|
1266
1413
|
#
|
1267
1414
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/PutResourcePolicyResponse AWS API Documentation
|
@@ -1269,6 +1416,7 @@ module Aws::SecretsManager
|
|
1269
1416
|
class PutResourcePolicyResponse < Struct.new(
|
1270
1417
|
:arn,
|
1271
1418
|
:name)
|
1419
|
+
SENSITIVE = []
|
1272
1420
|
include Aws::Structure
|
1273
1421
|
end
|
1274
1422
|
|
@@ -1299,9 +1447,15 @@ module Aws::SecretsManager
|
|
1299
1447
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1300
1448
|
# that you’re specifying a complete ARN. This confusion can cause
|
1301
1449
|
# unexpected results. To avoid this situation, we recommend that you
|
1302
|
-
# don’t create secret names
|
1450
|
+
# don’t create secret names ending with a hyphen followed by six
|
1303
1451
|
# characters.
|
1304
1452
|
#
|
1453
|
+
# If you specify an incomplete ARN without the random suffix, and
|
1454
|
+
# instead provide the 'friendly name', you *must* not include the
|
1455
|
+
# random suffix. If you do include the random suffix added by Secrets
|
1456
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
1457
|
+
# *AccessDeniedException* error, depending on your permissions.
|
1458
|
+
#
|
1305
1459
|
# </note>
|
1306
1460
|
# @return [String]
|
1307
1461
|
#
|
@@ -1333,7 +1487,7 @@ module Aws::SecretsManager
|
|
1333
1487
|
# the request then the request is ignored (the operation is
|
1334
1488
|
# idempotent).
|
1335
1489
|
#
|
1336
|
-
# * If a version with this value already exists and
|
1490
|
+
# * If a version with this value already exists and the version of the
|
1337
1491
|
# `SecretString` and `SecretBinary` values are different from those
|
1338
1492
|
# in the request then the request fails because you cannot modify an
|
1339
1493
|
# existing secret version. You can only create new versions to store
|
@@ -1418,6 +1572,7 @@ module Aws::SecretsManager
|
|
1418
1572
|
:secret_binary,
|
1419
1573
|
:secret_string,
|
1420
1574
|
:version_stages)
|
1575
|
+
SENSITIVE = [:secret_binary, :secret_string]
|
1421
1576
|
include Aws::Structure
|
1422
1577
|
end
|
1423
1578
|
|
@@ -1449,6 +1604,7 @@ module Aws::SecretsManager
|
|
1449
1604
|
:name,
|
1450
1605
|
:version_id,
|
1451
1606
|
:version_stages)
|
1607
|
+
SENSITIVE = []
|
1452
1608
|
include Aws::Structure
|
1453
1609
|
end
|
1454
1610
|
|
@@ -1461,6 +1617,7 @@ module Aws::SecretsManager
|
|
1461
1617
|
#
|
1462
1618
|
class ResourceExistsException < Struct.new(
|
1463
1619
|
:message)
|
1620
|
+
SENSITIVE = []
|
1464
1621
|
include Aws::Structure
|
1465
1622
|
end
|
1466
1623
|
|
@@ -1473,6 +1630,7 @@ module Aws::SecretsManager
|
|
1473
1630
|
#
|
1474
1631
|
class ResourceNotFoundException < Struct.new(
|
1475
1632
|
:message)
|
1633
|
+
SENSITIVE = []
|
1476
1634
|
include Aws::Structure
|
1477
1635
|
end
|
1478
1636
|
|
@@ -1499,9 +1657,15 @@ module Aws::SecretsManager
|
|
1499
1657
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1500
1658
|
# that you’re specifying a complete ARN. This confusion can cause
|
1501
1659
|
# unexpected results. To avoid this situation, we recommend that you
|
1502
|
-
# don’t create secret names
|
1660
|
+
# don’t create secret names ending with a hyphen followed by six
|
1503
1661
|
# characters.
|
1504
1662
|
#
|
1663
|
+
# If you specify an incomplete ARN without the random suffix, and
|
1664
|
+
# instead provide the 'friendly name', you *must* not include the
|
1665
|
+
# random suffix. If you do include the random suffix added by Secrets
|
1666
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
1667
|
+
# *AccessDeniedException* error, depending on your permissions.
|
1668
|
+
#
|
1505
1669
|
# </note>
|
1506
1670
|
# @return [String]
|
1507
1671
|
#
|
@@ -1509,6 +1673,7 @@ module Aws::SecretsManager
|
|
1509
1673
|
#
|
1510
1674
|
class RestoreSecretRequest < Struct.new(
|
1511
1675
|
:secret_id)
|
1676
|
+
SENSITIVE = []
|
1512
1677
|
include Aws::Structure
|
1513
1678
|
end
|
1514
1679
|
|
@@ -1525,6 +1690,7 @@ module Aws::SecretsManager
|
|
1525
1690
|
class RestoreSecretResponse < Struct.new(
|
1526
1691
|
:arn,
|
1527
1692
|
:name)
|
1693
|
+
SENSITIVE = []
|
1528
1694
|
include Aws::Structure
|
1529
1695
|
end
|
1530
1696
|
|
@@ -1555,9 +1721,15 @@ module Aws::SecretsManager
|
|
1555
1721
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1556
1722
|
# that you’re specifying a complete ARN. This confusion can cause
|
1557
1723
|
# unexpected results. To avoid this situation, we recommend that you
|
1558
|
-
# don’t create secret names
|
1724
|
+
# don’t create secret names ending with a hyphen followed by six
|
1559
1725
|
# characters.
|
1560
1726
|
#
|
1727
|
+
# If you specify an incomplete ARN without the random suffix, and
|
1728
|
+
# instead provide the 'friendly name', you *must* not include the
|
1729
|
+
# random suffix. If you do include the random suffix added by Secrets
|
1730
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
1731
|
+
# *AccessDeniedException* error, depending on your permissions.
|
1732
|
+
#
|
1561
1733
|
# </note>
|
1562
1734
|
# @return [String]
|
1563
1735
|
#
|
@@ -1573,10 +1745,10 @@ module Aws::SecretsManager
|
|
1573
1745
|
# generate a `ClientRequestToken` yourself for new versions and
|
1574
1746
|
# include that value in the request.
|
1575
1747
|
#
|
1576
|
-
# You only need to specify your own value if you
|
1577
|
-
#
|
1578
|
-
#
|
1579
|
-
#
|
1748
|
+
# You only need to specify your own value if you implement your own
|
1749
|
+
# retry logic and want to ensure that a given secret is not created
|
1750
|
+
# twice. We recommend that you generate a [UUID-type][1] value to
|
1751
|
+
# ensure uniqueness within the specified secret.
|
1580
1752
|
#
|
1581
1753
|
# Secrets Manager uses this value to prevent the accidental creation
|
1582
1754
|
# of duplicate versions if there are failures and retries during the
|
@@ -1607,6 +1779,7 @@ module Aws::SecretsManager
|
|
1607
1779
|
:client_request_token,
|
1608
1780
|
:rotation_lambda_arn,
|
1609
1781
|
:rotation_rules)
|
1782
|
+
SENSITIVE = []
|
1610
1783
|
include Aws::Structure
|
1611
1784
|
end
|
1612
1785
|
|
@@ -1629,6 +1802,7 @@ module Aws::SecretsManager
|
|
1629
1802
|
:arn,
|
1630
1803
|
:name,
|
1631
1804
|
:version_id)
|
1805
|
+
SENSITIVE = []
|
1632
1806
|
include Aws::Structure
|
1633
1807
|
end
|
1634
1808
|
|
@@ -1658,6 +1832,7 @@ module Aws::SecretsManager
|
|
1658
1832
|
#
|
1659
1833
|
class RotationRulesType < Struct.new(
|
1660
1834
|
:automatically_after_days)
|
1835
|
+
SENSITIVE = []
|
1661
1836
|
include Aws::Structure
|
1662
1837
|
end
|
1663
1838
|
|
@@ -1688,11 +1863,11 @@ module Aws::SecretsManager
|
|
1688
1863
|
# @return [String]
|
1689
1864
|
#
|
1690
1865
|
# @!attribute [rw] kms_key_id
|
1691
|
-
# The ARN or alias of the AWS KMS customer master key (CMK)
|
1692
|
-
#
|
1693
|
-
#
|
1694
|
-
#
|
1695
|
-
#
|
1866
|
+
# The ARN or alias of the AWS KMS customer master key (CMK) used to
|
1867
|
+
# encrypt the `SecretString` and `SecretBinary` fields in each version
|
1868
|
+
# of the secret. If you don't provide a key, then Secrets Manager
|
1869
|
+
# defaults to encrypting the secret fields with the default KMS CMK,
|
1870
|
+
# the key named `awssecretsmanager`, for this account.
|
1696
1871
|
# @return [String]
|
1697
1872
|
#
|
1698
1873
|
# @!attribute [rw] rotation_enabled
|
@@ -1701,9 +1876,9 @@ module Aws::SecretsManager
|
|
1701
1876
|
# @return [Boolean]
|
1702
1877
|
#
|
1703
1878
|
# @!attribute [rw] rotation_lambda_arn
|
1704
|
-
# The ARN of an AWS Lambda function
|
1705
|
-
#
|
1706
|
-
#
|
1879
|
+
# The ARN of an AWS Lambda function invoked by Secrets Manager to
|
1880
|
+
# rotate and expire the secret either automatically per the schedule
|
1881
|
+
# or manually by a call to RotateSecret.
|
1707
1882
|
# @return [String]
|
1708
1883
|
#
|
1709
1884
|
# @!attribute [rw] rotation_rules
|
@@ -1726,21 +1901,21 @@ module Aws::SecretsManager
|
|
1726
1901
|
# @return [Time]
|
1727
1902
|
#
|
1728
1903
|
# @!attribute [rw] deleted_date
|
1729
|
-
# The date and time
|
1730
|
-
# active secrets. The secret can be recovered until the number of
|
1731
|
-
# in the recovery window has passed, as specified in the
|
1904
|
+
# The date and time the deletion of the secret occurred. Not present
|
1905
|
+
# on active secrets. The secret can be recovered until the number of
|
1906
|
+
# days in the recovery window has passed, as specified in the
|
1732
1907
|
# `RecoveryWindowInDays` parameter of the DeleteSecret operation.
|
1733
1908
|
# @return [Time]
|
1734
1909
|
#
|
1735
1910
|
# @!attribute [rw] tags
|
1736
|
-
# The list of user-defined tags
|
1737
|
-
#
|
1911
|
+
# The list of user-defined tags associated with the secret. To add
|
1912
|
+
# tags to a secret, use TagResource. To remove tags, use
|
1738
1913
|
# UntagResource.
|
1739
1914
|
# @return [Array<Types::Tag>]
|
1740
1915
|
#
|
1741
1916
|
# @!attribute [rw] secret_versions_to_stages
|
1742
1917
|
# A list of all of the currently assigned `SecretVersionStage` staging
|
1743
|
-
# labels and the `SecretVersionId`
|
1918
|
+
# labels and the `SecretVersionId` attached to each one. Staging
|
1744
1919
|
# labels are used to keep track of the different versions during the
|
1745
1920
|
# rotation process.
|
1746
1921
|
#
|
@@ -1755,6 +1930,10 @@ module Aws::SecretsManager
|
|
1755
1930
|
# Returns the name of the service that created the secret.
|
1756
1931
|
# @return [String]
|
1757
1932
|
#
|
1933
|
+
# @!attribute [rw] created_date
|
1934
|
+
# The date and time when a secret was created.
|
1935
|
+
# @return [Time]
|
1936
|
+
#
|
1758
1937
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/SecretListEntry AWS API Documentation
|
1759
1938
|
#
|
1760
1939
|
class SecretListEntry < Struct.new(
|
@@ -1771,7 +1950,9 @@ module Aws::SecretsManager
|
|
1771
1950
|
:deleted_date,
|
1772
1951
|
:tags,
|
1773
1952
|
:secret_versions_to_stages,
|
1774
|
-
:owning_service
|
1953
|
+
:owning_service,
|
1954
|
+
:created_date)
|
1955
|
+
SENSITIVE = []
|
1775
1956
|
include Aws::Structure
|
1776
1957
|
end
|
1777
1958
|
|
@@ -1803,6 +1984,7 @@ module Aws::SecretsManager
|
|
1803
1984
|
:version_stages,
|
1804
1985
|
:last_accessed_date,
|
1805
1986
|
:created_date)
|
1987
|
+
SENSITIVE = []
|
1806
1988
|
include Aws::Structure
|
1807
1989
|
end
|
1808
1990
|
|
@@ -1821,7 +2003,7 @@ module Aws::SecretsManager
|
|
1821
2003
|
# @return [String]
|
1822
2004
|
#
|
1823
2005
|
# @!attribute [rw] value
|
1824
|
-
# The string value
|
2006
|
+
# The string value associated with the key of the tag.
|
1825
2007
|
# @return [String]
|
1826
2008
|
#
|
1827
2009
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/Tag AWS API Documentation
|
@@ -1829,6 +2011,7 @@ module Aws::SecretsManager
|
|
1829
2011
|
class Tag < Struct.new(
|
1830
2012
|
:key,
|
1831
2013
|
:value)
|
2014
|
+
SENSITIVE = []
|
1832
2015
|
include Aws::Structure
|
1833
2016
|
end
|
1834
2017
|
|
@@ -1861,9 +2044,15 @@ module Aws::SecretsManager
|
|
1861
2044
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1862
2045
|
# that you’re specifying a complete ARN. This confusion can cause
|
1863
2046
|
# unexpected results. To avoid this situation, we recommend that you
|
1864
|
-
# don’t create secret names
|
2047
|
+
# don’t create secret names ending with a hyphen followed by six
|
1865
2048
|
# characters.
|
1866
2049
|
#
|
2050
|
+
# If you specify an incomplete ARN without the random suffix, and
|
2051
|
+
# instead provide the 'friendly name', you *must* not include the
|
2052
|
+
# random suffix. If you do include the random suffix added by Secrets
|
2053
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
2054
|
+
# *AccessDeniedException* error, depending on your permissions.
|
2055
|
+
#
|
1867
2056
|
# </note>
|
1868
2057
|
# @return [String]
|
1869
2058
|
#
|
@@ -1888,6 +2077,7 @@ module Aws::SecretsManager
|
|
1888
2077
|
class TagResourceRequest < Struct.new(
|
1889
2078
|
:secret_id,
|
1890
2079
|
:tags)
|
2080
|
+
SENSITIVE = []
|
1891
2081
|
include Aws::Structure
|
1892
2082
|
end
|
1893
2083
|
|
@@ -1915,9 +2105,15 @@ module Aws::SecretsManager
|
|
1915
2105
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1916
2106
|
# that you’re specifying a complete ARN. This confusion can cause
|
1917
2107
|
# unexpected results. To avoid this situation, we recommend that you
|
1918
|
-
# don’t create secret names
|
2108
|
+
# don’t create secret names ending with a hyphen followed by six
|
1919
2109
|
# characters.
|
1920
2110
|
#
|
2111
|
+
# If you specify an incomplete ARN without the random suffix, and
|
2112
|
+
# instead provide the 'friendly name', you *must* not include the
|
2113
|
+
# random suffix. If you do include the random suffix added by Secrets
|
2114
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
2115
|
+
# *AccessDeniedException* error, depending on your permissions.
|
2116
|
+
#
|
1921
2117
|
# </note>
|
1922
2118
|
# @return [String]
|
1923
2119
|
#
|
@@ -1941,6 +2137,7 @@ module Aws::SecretsManager
|
|
1941
2137
|
class UntagResourceRequest < Struct.new(
|
1942
2138
|
:secret_id,
|
1943
2139
|
:tag_keys)
|
2140
|
+
SENSITIVE = []
|
1944
2141
|
include Aws::Structure
|
1945
2142
|
end
|
1946
2143
|
|
@@ -1972,9 +2169,15 @@ module Aws::SecretsManager
|
|
1972
2169
|
# partial ARN, then those characters cause Secrets Manager to assume
|
1973
2170
|
# that you’re specifying a complete ARN. This confusion can cause
|
1974
2171
|
# unexpected results. To avoid this situation, we recommend that you
|
1975
|
-
# don’t create secret names
|
2172
|
+
# don’t create secret names ending with a hyphen followed by six
|
1976
2173
|
# characters.
|
1977
2174
|
#
|
2175
|
+
# If you specify an incomplete ARN without the random suffix, and
|
2176
|
+
# instead provide the 'friendly name', you *must* not include the
|
2177
|
+
# random suffix. If you do include the random suffix added by Secrets
|
2178
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
2179
|
+
# *AccessDeniedException* error, depending on your permissions.
|
2180
|
+
#
|
1978
2181
|
# </note>
|
1979
2182
|
# @return [String]
|
1980
2183
|
#
|
@@ -2096,6 +2299,7 @@ module Aws::SecretsManager
|
|
2096
2299
|
:kms_key_id,
|
2097
2300
|
:secret_binary,
|
2098
2301
|
:secret_string)
|
2302
|
+
SENSITIVE = [:secret_binary, :secret_string]
|
2099
2303
|
include Aws::Structure
|
2100
2304
|
end
|
2101
2305
|
|
@@ -2128,6 +2332,7 @@ module Aws::SecretsManager
|
|
2128
2332
|
:arn,
|
2129
2333
|
:name,
|
2130
2334
|
:version_id)
|
2335
|
+
SENSITIVE = []
|
2131
2336
|
include Aws::Structure
|
2132
2337
|
end
|
2133
2338
|
|
@@ -2142,9 +2347,9 @@ module Aws::SecretsManager
|
|
2142
2347
|
# }
|
2143
2348
|
#
|
2144
2349
|
# @!attribute [rw] secret_id
|
2145
|
-
# Specifies the secret with the version
|
2146
|
-
# you want to modify. You can specify either the Amazon
|
2147
|
-
# (ARN) or the friendly name of the secret.
|
2350
|
+
# Specifies the secret with the version with the list of staging
|
2351
|
+
# labels you want to modify. You can specify either the Amazon
|
2352
|
+
# Resource Name (ARN) or the friendly name of the secret.
|
2148
2353
|
#
|
2149
2354
|
# <note markdown="1"> If you specify an ARN, we generally recommend that you specify a
|
2150
2355
|
# complete ARN. You can specify a partial ARN too—for example, if you
|
@@ -2157,9 +2362,15 @@ module Aws::SecretsManager
|
|
2157
2362
|
# partial ARN, then those characters cause Secrets Manager to assume
|
2158
2363
|
# that you’re specifying a complete ARN. This confusion can cause
|
2159
2364
|
# unexpected results. To avoid this situation, we recommend that you
|
2160
|
-
# don’t create secret names
|
2365
|
+
# don’t create secret names ending with a hyphen followed by six
|
2161
2366
|
# characters.
|
2162
2367
|
#
|
2368
|
+
# If you specify an incomplete ARN without the random suffix, and
|
2369
|
+
# instead provide the 'friendly name', you *must* not include the
|
2370
|
+
# random suffix. If you do include the random suffix added by Secrets
|
2371
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
2372
|
+
# *AccessDeniedException* error, depending on your permissions.
|
2373
|
+
#
|
2163
2374
|
# </note>
|
2164
2375
|
# @return [String]
|
2165
2376
|
#
|
@@ -2179,7 +2390,7 @@ module Aws::SecretsManager
|
|
2179
2390
|
#
|
2180
2391
|
# @!attribute [rw] move_to_version_id
|
2181
2392
|
# (Optional) The secret version ID that you want to add the staging
|
2182
|
-
# label
|
2393
|
+
# label. If you want to remove a label from a version, then do not
|
2183
2394
|
# specify this parameter.
|
2184
2395
|
#
|
2185
2396
|
# If the staging label is already attached to a different version of
|
@@ -2194,16 +2405,16 @@ module Aws::SecretsManager
|
|
2194
2405
|
:version_stage,
|
2195
2406
|
:remove_from_version_id,
|
2196
2407
|
:move_to_version_id)
|
2408
|
+
SENSITIVE = []
|
2197
2409
|
include Aws::Structure
|
2198
2410
|
end
|
2199
2411
|
|
2200
2412
|
# @!attribute [rw] arn
|
2201
|
-
# The ARN of the secret with the staging label
|
2413
|
+
# The ARN of the secret with the modified staging label.
|
2202
2414
|
# @return [String]
|
2203
2415
|
#
|
2204
2416
|
# @!attribute [rw] name
|
2205
|
-
# The friendly name of the secret with the staging label
|
2206
|
-
# modified.
|
2417
|
+
# The friendly name of the secret with the modified staging label.
|
2207
2418
|
# @return [String]
|
2208
2419
|
#
|
2209
2420
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/UpdateSecretVersionStageResponse AWS API Documentation
|
@@ -2211,6 +2422,95 @@ module Aws::SecretsManager
|
|
2211
2422
|
class UpdateSecretVersionStageResponse < Struct.new(
|
2212
2423
|
:arn,
|
2213
2424
|
:name)
|
2425
|
+
SENSITIVE = []
|
2426
|
+
include Aws::Structure
|
2427
|
+
end
|
2428
|
+
|
2429
|
+
# @note When making an API call, you may pass ValidateResourcePolicyRequest
|
2430
|
+
# data as a hash:
|
2431
|
+
#
|
2432
|
+
# {
|
2433
|
+
# secret_id: "SecretIdType",
|
2434
|
+
# resource_policy: "NonEmptyResourcePolicyType", # required
|
2435
|
+
# }
|
2436
|
+
#
|
2437
|
+
# @!attribute [rw] secret_id
|
2438
|
+
# The identifier for the secret that you want to validate a resource
|
2439
|
+
# policy. You can specify either the Amazon Resource Name (ARN) or the
|
2440
|
+
# friendly name of the secret.
|
2441
|
+
#
|
2442
|
+
# <note markdown="1"> If you specify an ARN, we generally recommend that you specify a
|
2443
|
+
# complete ARN. You can specify a partial ARN too—for example, if you
|
2444
|
+
# don’t include the final hyphen and six random characters that
|
2445
|
+
# Secrets Manager adds at the end of the ARN when you created the
|
2446
|
+
# secret. A partial ARN match can work as long as it uniquely matches
|
2447
|
+
# only one secret. However, if your secret has a name that ends in a
|
2448
|
+
# hyphen followed by six characters (before Secrets Manager adds the
|
2449
|
+
# hyphen and six characters to the ARN) and you try to use that as a
|
2450
|
+
# partial ARN, then those characters cause Secrets Manager to assume
|
2451
|
+
# that you’re specifying a complete ARN. This confusion can cause
|
2452
|
+
# unexpected results. To avoid this situation, we recommend that you
|
2453
|
+
# don’t create secret names ending with a hyphen followed by six
|
2454
|
+
# characters.
|
2455
|
+
#
|
2456
|
+
# If you specify an incomplete ARN without the random suffix, and
|
2457
|
+
# instead provide the 'friendly name', you *must* not include the
|
2458
|
+
# random suffix. If you do include the random suffix added by Secrets
|
2459
|
+
# Manager, you receive either a *ResourceNotFoundException* or an
|
2460
|
+
# *AccessDeniedException* error, depending on your permissions.
|
2461
|
+
#
|
2462
|
+
# </note>
|
2463
|
+
# @return [String]
|
2464
|
+
#
|
2465
|
+
# @!attribute [rw] resource_policy
|
2466
|
+
# Identifies the Resource Policy attached to the secret.
|
2467
|
+
# @return [String]
|
2468
|
+
#
|
2469
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ValidateResourcePolicyRequest AWS API Documentation
|
2470
|
+
#
|
2471
|
+
class ValidateResourcePolicyRequest < Struct.new(
|
2472
|
+
:secret_id,
|
2473
|
+
:resource_policy)
|
2474
|
+
SENSITIVE = []
|
2475
|
+
include Aws::Structure
|
2476
|
+
end
|
2477
|
+
|
2478
|
+
# @!attribute [rw] policy_validation_passed
|
2479
|
+
# Returns a message stating that your Reource Policy passed
|
2480
|
+
# validation.
|
2481
|
+
# @return [Boolean]
|
2482
|
+
#
|
2483
|
+
# @!attribute [rw] validation_errors
|
2484
|
+
# Returns an error message if your policy doesn't pass validatation.
|
2485
|
+
# @return [Array<Types::ValidationErrorsEntry>]
|
2486
|
+
#
|
2487
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ValidateResourcePolicyResponse AWS API Documentation
|
2488
|
+
#
|
2489
|
+
class ValidateResourcePolicyResponse < Struct.new(
|
2490
|
+
:policy_validation_passed,
|
2491
|
+
:validation_errors)
|
2492
|
+
SENSITIVE = []
|
2493
|
+
include Aws::Structure
|
2494
|
+
end
|
2495
|
+
|
2496
|
+
# Displays errors that occurred during validation of the resource
|
2497
|
+
# policy.
|
2498
|
+
#
|
2499
|
+
# @!attribute [rw] check_name
|
2500
|
+
# Checks the name of the policy.
|
2501
|
+
# @return [String]
|
2502
|
+
#
|
2503
|
+
# @!attribute [rw] error_message
|
2504
|
+
# Displays error messages if validation encounters problems during
|
2505
|
+
# validation of the resource policy.
|
2506
|
+
# @return [String]
|
2507
|
+
#
|
2508
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ValidationErrorsEntry AWS API Documentation
|
2509
|
+
#
|
2510
|
+
class ValidationErrorsEntry < Struct.new(
|
2511
|
+
:check_name,
|
2512
|
+
:error_message)
|
2513
|
+
SENSITIVE = []
|
2214
2514
|
include Aws::Structure
|
2215
2515
|
end
|
2216
2516
|
|