aws-sdk-secretsmanager 1.44.0 → 1.45.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/aws-sdk-secretsmanager.rb +1 -1
- data/lib/aws-sdk-secretsmanager/client.rb +240 -49
- data/lib/aws-sdk-secretsmanager/client_api.rb +97 -0
- data/lib/aws-sdk-secretsmanager/types.rb +314 -51
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d846c13bffe56b68cf541256000b48cc80ae134843af7263c7742e7bdfbaf2b7
|
4
|
+
data.tar.gz: 3d8dfc8bfb52906c7af56b69e3f6f71908db55658b68c01c17ce3a0c08744f2b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fc9fb09b8111bab8e4a69f57dd24213feadee71f931ce288ccfae967383125995ef3977855603e659238d671d9b3cc7407ae47fe3547369afbba5bef511aa63f
|
7
|
+
data.tar.gz: c2abdb72a7948aa4fee2f32821c1da57debe4e824cf6e613ec786da6aff60500c650fa8a5e4081cefc637a7d7d1de213a3b65a15bce7e82b99c4a78962b4d9bc
|
@@ -584,7 +584,7 @@ module Aws::SecretsManager
|
|
584
584
|
#
|
585
585
|
# * If a version with this value already exists and that version's
|
586
586
|
# `SecretString` and `SecretBinary` values are different from those in
|
587
|
-
# the request then the request fails because you cannot modify an
|
587
|
+
# the request, then the request fails because you cannot modify an
|
588
588
|
# existing version. Instead, use PutSecretValue to create a new
|
589
589
|
# version.
|
590
590
|
#
|
@@ -714,11 +714,21 @@ module Aws::SecretsManager
|
|
714
714
|
#
|
715
715
|
# [1]: https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json
|
716
716
|
#
|
717
|
+
# @option params [Array<Types::ReplicaRegionType>] :add_replica_regions
|
718
|
+
# (Optional) Add a list of regions to replicate secrets. Secrets Manager
|
719
|
+
# replicates the KMSKeyID objects to the list of regions specified in
|
720
|
+
# the parameter.
|
721
|
+
#
|
722
|
+
# @option params [Boolean] :force_overwrite_replica_secret
|
723
|
+
# (Optional) If set, the replication overwrites a secret with the same
|
724
|
+
# name in the destination region.
|
725
|
+
#
|
717
726
|
# @return [Types::CreateSecretResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
718
727
|
#
|
719
728
|
# * {Types::CreateSecretResponse#arn #arn} => String
|
720
729
|
# * {Types::CreateSecretResponse#name #name} => String
|
721
730
|
# * {Types::CreateSecretResponse#version_id #version_id} => String
|
731
|
+
# * {Types::CreateSecretResponse#replication_status #replication_status} => Array<Types::ReplicationStatusType>
|
722
732
|
#
|
723
733
|
#
|
724
734
|
# @example Example: To create a basic secret
|
@@ -755,6 +765,13 @@ module Aws::SecretsManager
|
|
755
765
|
# value: "TagValueType",
|
756
766
|
# },
|
757
767
|
# ],
|
768
|
+
# add_replica_regions: [
|
769
|
+
# {
|
770
|
+
# region: "RegionType",
|
771
|
+
# kms_key_id: "KmsKeyIdType",
|
772
|
+
# },
|
773
|
+
# ],
|
774
|
+
# force_overwrite_replica_secret: false,
|
758
775
|
# })
|
759
776
|
#
|
760
777
|
# @example Response structure
|
@@ -762,6 +779,12 @@ module Aws::SecretsManager
|
|
762
779
|
# resp.arn #=> String
|
763
780
|
# resp.name #=> String
|
764
781
|
# resp.version_id #=> String
|
782
|
+
# resp.replication_status #=> Array
|
783
|
+
# resp.replication_status[0].region #=> String
|
784
|
+
# resp.replication_status[0].kms_key_id #=> String
|
785
|
+
# resp.replication_status[0].status #=> String, one of "InSync", "Failed", "InProgress"
|
786
|
+
# resp.replication_status[0].status_message #=> String
|
787
|
+
# resp.replication_status[0].last_accessed_date #=> Time
|
765
788
|
#
|
766
789
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/CreateSecret AWS API Documentation
|
767
790
|
#
|
@@ -786,8 +809,8 @@ module Aws::SecretsManager
|
|
786
809
|
#
|
787
810
|
# * To attach a resource policy to a secret, use PutResourcePolicy.
|
788
811
|
#
|
789
|
-
# * To retrieve the current resource-based policy
|
790
|
-
#
|
812
|
+
# * To retrieve the current resource-based policy attached to a secret,
|
813
|
+
# use GetResourcePolicy.
|
791
814
|
#
|
792
815
|
# * To list all of the currently available secrets, use ListSecrets.
|
793
816
|
#
|
@@ -857,7 +880,7 @@ module Aws::SecretsManager
|
|
857
880
|
req.send_request(options)
|
858
881
|
end
|
859
882
|
|
860
|
-
# Deletes an entire secret and all of
|
883
|
+
# Deletes an entire secret and all of the versions. You can optionally
|
861
884
|
# include a recovery window during which you can restore the secret. If
|
862
885
|
# you don't specify a recovery window value, the operation defaults to
|
863
886
|
# 30 days. Secrets Manager attaches a `DeletionDate` stamp to the secret
|
@@ -867,17 +890,17 @@ module Aws::SecretsManager
|
|
867
890
|
# At any time before recovery window ends, you can use RestoreSecret to
|
868
891
|
# remove the `DeletionDate` and cancel the deletion of the secret.
|
869
892
|
#
|
870
|
-
# You cannot access the encrypted secret information in any secret
|
871
|
-
#
|
893
|
+
# You cannot access the encrypted secret information in any secret
|
894
|
+
# scheduled for deletion. If you need to access that information, you
|
872
895
|
# must cancel the deletion with RestoreSecret and then retrieve the
|
873
896
|
# information.
|
874
897
|
#
|
875
898
|
# <note markdown="1"> * There is no explicit operation to delete a version of a secret.
|
876
899
|
# Instead, remove all staging labels from the `VersionStage` field of
|
877
900
|
# a version. That marks the version as deprecated and allows Secrets
|
878
|
-
# Manager to delete it as needed. Versions
|
879
|
-
#
|
880
|
-
#
|
901
|
+
# Manager to delete it as needed. Versions without any staging labels
|
902
|
+
# do not show up in ListSecretVersionIds unless you specify
|
903
|
+
# `IncludeDeprecated`.
|
881
904
|
#
|
882
905
|
# * The permanent secret deletion at the end of the waiting period is
|
883
906
|
# performed as a background task with low priority. There is no
|
@@ -902,8 +925,8 @@ module Aws::SecretsManager
|
|
902
925
|
# window has expired, use RestoreSecret.
|
903
926
|
#
|
904
927
|
# @option params [required, String] :secret_id
|
905
|
-
# Specifies the secret
|
906
|
-
#
|
928
|
+
# Specifies the secret to delete. You can specify either the Amazon
|
929
|
+
# Resource Name (ARN) or the friendly name of the secret.
|
907
930
|
#
|
908
931
|
# <note markdown="1"> If you specify an ARN, we generally recommend that you specify a
|
909
932
|
# complete ARN. You can specify a partial ARN too—for example, if you
|
@@ -928,10 +951,11 @@ module Aws::SecretsManager
|
|
928
951
|
#
|
929
952
|
# @option params [Integer] :recovery_window_in_days
|
930
953
|
# (Optional) Specifies the number of days that Secrets Manager waits
|
931
|
-
# before
|
932
|
-
# and the `ForceDeleteWithoutRecovery` parameter in the same
|
954
|
+
# before Secrets Manager can delete the secret. You can't use both this
|
955
|
+
# parameter and the `ForceDeleteWithoutRecovery` parameter in the same
|
956
|
+
# API call.
|
933
957
|
#
|
934
|
-
# This value can range from 7 to 30 days
|
958
|
+
# This value can range from 7 to 30 days with a default value of 30.
|
935
959
|
#
|
936
960
|
# @option params [Boolean] :force_delete_without_recovery
|
937
961
|
# (Optional) Specifies that the secret is to be deleted without any
|
@@ -948,8 +972,12 @@ module Aws::SecretsManager
|
|
948
972
|
# to skip the normal waiting period before the permanent deletion that
|
949
973
|
# AWS would normally impose with the `RecoveryWindowInDays` parameter.
|
950
974
|
# If you delete a secret with the `ForceDeleteWithouRecovery` parameter,
|
951
|
-
# then you have no opportunity to recover the secret.
|
952
|
-
#
|
975
|
+
# then you have no opportunity to recover the secret. You lose the
|
976
|
+
# secret permanently.
|
977
|
+
#
|
978
|
+
# If you use this parameter and include a previously deleted or
|
979
|
+
# nonexistent secret, the operation does not return the error
|
980
|
+
# `ResourceNotFoundException` in order to correctly handle retries.
|
953
981
|
#
|
954
982
|
# @return [Types::DeleteSecretResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
955
983
|
#
|
@@ -1065,6 +1093,8 @@ module Aws::SecretsManager
|
|
1065
1093
|
# * {Types::DescribeSecretResponse#version_ids_to_stages #version_ids_to_stages} => Hash<String,Array<String>>
|
1066
1094
|
# * {Types::DescribeSecretResponse#owning_service #owning_service} => String
|
1067
1095
|
# * {Types::DescribeSecretResponse#created_date #created_date} => Time
|
1096
|
+
# * {Types::DescribeSecretResponse#primary_region #primary_region} => String
|
1097
|
+
# * {Types::DescribeSecretResponse#replication_status #replication_status} => Array<Types::ReplicationStatusType>
|
1068
1098
|
#
|
1069
1099
|
#
|
1070
1100
|
# @example Example: To retrieve the details of a secret
|
@@ -1136,6 +1166,13 @@ module Aws::SecretsManager
|
|
1136
1166
|
# resp.version_ids_to_stages["SecretVersionIdType"][0] #=> String
|
1137
1167
|
# resp.owning_service #=> String
|
1138
1168
|
# resp.created_date #=> Time
|
1169
|
+
# resp.primary_region #=> String
|
1170
|
+
# resp.replication_status #=> Array
|
1171
|
+
# resp.replication_status[0].region #=> String
|
1172
|
+
# resp.replication_status[0].kms_key_id #=> String
|
1173
|
+
# resp.replication_status[0].status #=> String, one of "InSync", "Failed", "InProgress"
|
1174
|
+
# resp.replication_status[0].status_message #=> String
|
1175
|
+
# resp.replication_status[0].last_accessed_date #=> Time
|
1139
1176
|
#
|
1140
1177
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/DescribeSecret AWS API Documentation
|
1141
1178
|
#
|
@@ -1395,10 +1432,11 @@ module Aws::SecretsManager
|
|
1395
1432
|
#
|
1396
1433
|
# @option params [String] :version_id
|
1397
1434
|
# Specifies the unique identifier of the version of the secret that you
|
1398
|
-
# want to retrieve. If you specify this parameter
|
1399
|
-
# `VersionStage
|
1400
|
-
#
|
1401
|
-
#
|
1435
|
+
# want to retrieve. If you specify both this parameter and
|
1436
|
+
# `VersionStage`, the two parameters must refer to the same secret
|
1437
|
+
# version. If you don't specify either a `VersionStage` or `VersionId`
|
1438
|
+
# then the default is to perform the operation on the version with the
|
1439
|
+
# `VersionStage` value of `AWSCURRENT`.
|
1402
1440
|
#
|
1403
1441
|
# This value is typically a [UUID-type][1] value with 32 hexadecimal
|
1404
1442
|
# digits.
|
@@ -1412,10 +1450,11 @@ module Aws::SecretsManager
|
|
1412
1450
|
# label attached to the version.
|
1413
1451
|
#
|
1414
1452
|
# Staging labels are used to keep track of different versions during the
|
1415
|
-
# rotation process. If you
|
1416
|
-
#
|
1417
|
-
#
|
1418
|
-
#
|
1453
|
+
# rotation process. If you specify both this parameter and `VersionId`,
|
1454
|
+
# the two parameters must refer to the same secret version . If you
|
1455
|
+
# don't specify either a `VersionStage` or `VersionId`, then the
|
1456
|
+
# default is to perform the operation on the version with the
|
1457
|
+
# `VersionStage` value of `AWSCURRENT`.
|
1419
1458
|
#
|
1420
1459
|
# @return [Types::GetSecretValueResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1421
1460
|
#
|
@@ -1738,7 +1777,7 @@ module Aws::SecretsManager
|
|
1738
1777
|
# next_token: "NextTokenType",
|
1739
1778
|
# filters: [
|
1740
1779
|
# {
|
1741
|
-
# key: "description", # accepts description, name, tag-key, tag-value, all
|
1780
|
+
# key: "description", # accepts description, name, tag-key, tag-value, primary-region, all
|
1742
1781
|
# values: ["FilterValueStringType"],
|
1743
1782
|
# },
|
1744
1783
|
# ],
|
@@ -1767,6 +1806,7 @@ module Aws::SecretsManager
|
|
1767
1806
|
# resp.secret_list[0].secret_versions_to_stages["SecretVersionIdType"][0] #=> String
|
1768
1807
|
# resp.secret_list[0].owning_service #=> String
|
1769
1808
|
# resp.secret_list[0].created_date #=> Time
|
1809
|
+
# resp.secret_list[0].primary_region #=> String
|
1770
1810
|
# resp.next_token #=> String
|
1771
1811
|
#
|
1772
1812
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ListSecrets AWS API Documentation
|
@@ -1803,8 +1843,8 @@ module Aws::SecretsManager
|
|
1803
1843
|
# * To retrieve the resource policy attached to a secret, use
|
1804
1844
|
# GetResourcePolicy.
|
1805
1845
|
#
|
1806
|
-
# * To delete the resource-based policy
|
1807
|
-
#
|
1846
|
+
# * To delete the resource-based policy attached to a secret, use
|
1847
|
+
# DeleteResourcePolicy.
|
1808
1848
|
#
|
1809
1849
|
# * To list all of the currently available secrets, use ListSecrets.
|
1810
1850
|
#
|
@@ -1814,8 +1854,9 @@ module Aws::SecretsManager
|
|
1814
1854
|
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html
|
1815
1855
|
#
|
1816
1856
|
# @option params [required, String] :secret_id
|
1817
|
-
# Specifies the secret that you want to attach the resource-based
|
1818
|
-
#
|
1857
|
+
# Specifies the secret that you want to attach the resource-based
|
1858
|
+
# policy. You can specify either the ARN or the friendly name of the
|
1859
|
+
# secret.
|
1819
1860
|
#
|
1820
1861
|
# <note markdown="1"> If you specify an ARN, we generally recommend that you specify a
|
1821
1862
|
# complete ARN. You can specify a partial ARN too—for example, if you
|
@@ -1839,8 +1880,8 @@ module Aws::SecretsManager
|
|
1839
1880
|
# </note>
|
1840
1881
|
#
|
1841
1882
|
# @option params [required, String] :resource_policy
|
1842
|
-
# A JSON-formatted string
|
1843
|
-
#
|
1883
|
+
# A JSON-formatted string constructed according to the grammar and
|
1884
|
+
# syntax for an AWS resource-based policy. The policy in the string
|
1844
1885
|
# identifies who can access or manage this secret and its versions. For
|
1845
1886
|
# information on how to format a JSON parameter for the various command
|
1846
1887
|
# line tool environments, see [Using JSON for Parameters][1] in the *AWS
|
@@ -1851,8 +1892,9 @@ module Aws::SecretsManager
|
|
1851
1892
|
# [1]: http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json
|
1852
1893
|
#
|
1853
1894
|
# @option params [Boolean] :block_public_policy
|
1854
|
-
#
|
1855
|
-
#
|
1895
|
+
# (Optional) If you set the parameter, `BlockPublicPolicy` to true, then
|
1896
|
+
# you block resource-based policies that allow broad access to the
|
1897
|
+
# secret.
|
1856
1898
|
#
|
1857
1899
|
# @return [Types::PutResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1858
1900
|
#
|
@@ -1913,13 +1955,12 @@ module Aws::SecretsManager
|
|
1913
1955
|
# Secrets Manager automatically attaches the staging label
|
1914
1956
|
# `AWSCURRENT` to the new version.
|
1915
1957
|
#
|
1916
|
-
# * If
|
1917
|
-
#
|
1918
|
-
#
|
1958
|
+
# * If you do not specify a value for VersionStages then Secrets Manager
|
1959
|
+
# automatically moves the staging label `AWSCURRENT` to this new
|
1960
|
+
# version.
|
1919
1961
|
#
|
1920
1962
|
# * If this operation moves the staging label `AWSCURRENT` from another
|
1921
|
-
# version to this version
|
1922
|
-
# `StagingLabels` parameter) then Secrets Manager also automatically
|
1963
|
+
# version to this version, then Secrets Manager also automatically
|
1923
1964
|
# moves the staging label `AWSPREVIOUS` to the version that
|
1924
1965
|
# `AWSCURRENT` was removed from.
|
1925
1966
|
#
|
@@ -2158,6 +2199,95 @@ module Aws::SecretsManager
|
|
2158
2199
|
req.send_request(options)
|
2159
2200
|
end
|
2160
2201
|
|
2202
|
+
# Remove regions from replication.
|
2203
|
+
#
|
2204
|
+
# @option params [required, String] :secret_id
|
2205
|
+
# Remove a secret by `SecretId` from replica Regions.
|
2206
|
+
#
|
2207
|
+
# @option params [required, Array<String>] :remove_replica_regions
|
2208
|
+
# Remove replication from specific Regions.
|
2209
|
+
#
|
2210
|
+
# @return [Types::RemoveRegionsFromReplicationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2211
|
+
#
|
2212
|
+
# * {Types::RemoveRegionsFromReplicationResponse#arn #arn} => String
|
2213
|
+
# * {Types::RemoveRegionsFromReplicationResponse#replication_status #replication_status} => Array<Types::ReplicationStatusType>
|
2214
|
+
#
|
2215
|
+
# @example Request syntax with placeholder values
|
2216
|
+
#
|
2217
|
+
# resp = client.remove_regions_from_replication({
|
2218
|
+
# secret_id: "SecretIdType", # required
|
2219
|
+
# remove_replica_regions: ["RegionType"], # required
|
2220
|
+
# })
|
2221
|
+
#
|
2222
|
+
# @example Response structure
|
2223
|
+
#
|
2224
|
+
# resp.arn #=> String
|
2225
|
+
# resp.replication_status #=> Array
|
2226
|
+
# resp.replication_status[0].region #=> String
|
2227
|
+
# resp.replication_status[0].kms_key_id #=> String
|
2228
|
+
# resp.replication_status[0].status #=> String, one of "InSync", "Failed", "InProgress"
|
2229
|
+
# resp.replication_status[0].status_message #=> String
|
2230
|
+
# resp.replication_status[0].last_accessed_date #=> Time
|
2231
|
+
#
|
2232
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/RemoveRegionsFromReplication AWS API Documentation
|
2233
|
+
#
|
2234
|
+
# @overload remove_regions_from_replication(params = {})
|
2235
|
+
# @param [Hash] params ({})
|
2236
|
+
def remove_regions_from_replication(params = {}, options = {})
|
2237
|
+
req = build_request(:remove_regions_from_replication, params)
|
2238
|
+
req.send_request(options)
|
2239
|
+
end
|
2240
|
+
|
2241
|
+
# Converts an existing secret to a multi-Region secret and begins
|
2242
|
+
# replication the secret to a list of new regions.
|
2243
|
+
#
|
2244
|
+
# @option params [required, String] :secret_id
|
2245
|
+
# Use the `Secret Id` to replicate a secret to regions.
|
2246
|
+
#
|
2247
|
+
# @option params [required, Array<Types::ReplicaRegionType>] :add_replica_regions
|
2248
|
+
# Add Regions to replicate the secret.
|
2249
|
+
#
|
2250
|
+
# @option params [Boolean] :force_overwrite_replica_secret
|
2251
|
+
# (Optional) If set, Secrets Manager replication overwrites a secret
|
2252
|
+
# with the same name in the destination region.
|
2253
|
+
#
|
2254
|
+
# @return [Types::ReplicateSecretToRegionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2255
|
+
#
|
2256
|
+
# * {Types::ReplicateSecretToRegionsResponse#arn #arn} => String
|
2257
|
+
# * {Types::ReplicateSecretToRegionsResponse#replication_status #replication_status} => Array<Types::ReplicationStatusType>
|
2258
|
+
#
|
2259
|
+
# @example Request syntax with placeholder values
|
2260
|
+
#
|
2261
|
+
# resp = client.replicate_secret_to_regions({
|
2262
|
+
# secret_id: "SecretIdType", # required
|
2263
|
+
# add_replica_regions: [ # required
|
2264
|
+
# {
|
2265
|
+
# region: "RegionType",
|
2266
|
+
# kms_key_id: "KmsKeyIdType",
|
2267
|
+
# },
|
2268
|
+
# ],
|
2269
|
+
# force_overwrite_replica_secret: false,
|
2270
|
+
# })
|
2271
|
+
#
|
2272
|
+
# @example Response structure
|
2273
|
+
#
|
2274
|
+
# resp.arn #=> String
|
2275
|
+
# resp.replication_status #=> Array
|
2276
|
+
# resp.replication_status[0].region #=> String
|
2277
|
+
# resp.replication_status[0].kms_key_id #=> String
|
2278
|
+
# resp.replication_status[0].status #=> String, one of "InSync", "Failed", "InProgress"
|
2279
|
+
# resp.replication_status[0].status_message #=> String
|
2280
|
+
# resp.replication_status[0].last_accessed_date #=> Time
|
2281
|
+
#
|
2282
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ReplicateSecretToRegions AWS API Documentation
|
2283
|
+
#
|
2284
|
+
# @overload replicate_secret_to_regions(params = {})
|
2285
|
+
# @param [Hash] params ({})
|
2286
|
+
def replicate_secret_to_regions(params = {}, options = {})
|
2287
|
+
req = build_request(:replicate_secret_to_regions, params)
|
2288
|
+
req.send_request(options)
|
2289
|
+
end
|
2290
|
+
|
2161
2291
|
# Cancels the scheduled deletion of a secret by removing the
|
2162
2292
|
# `DeletedDate` time stamp. This makes the secret accessible to query
|
2163
2293
|
# once again.
|
@@ -2400,6 +2530,36 @@ module Aws::SecretsManager
|
|
2400
2530
|
req.send_request(options)
|
2401
2531
|
end
|
2402
2532
|
|
2533
|
+
# Removes the secret from replication and promotes the secret to a
|
2534
|
+
# regional secret in the replica Region.
|
2535
|
+
#
|
2536
|
+
# @option params [required, String] :secret_id
|
2537
|
+
# Response to `StopReplicationToReplica` of a secret, based on the
|
2538
|
+
# `SecretId`.
|
2539
|
+
#
|
2540
|
+
# @return [Types::StopReplicationToReplicaResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2541
|
+
#
|
2542
|
+
# * {Types::StopReplicationToReplicaResponse#arn #arn} => String
|
2543
|
+
#
|
2544
|
+
# @example Request syntax with placeholder values
|
2545
|
+
#
|
2546
|
+
# resp = client.stop_replication_to_replica({
|
2547
|
+
# secret_id: "SecretIdType", # required
|
2548
|
+
# })
|
2549
|
+
#
|
2550
|
+
# @example Response structure
|
2551
|
+
#
|
2552
|
+
# resp.arn #=> String
|
2553
|
+
#
|
2554
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/StopReplicationToReplica AWS API Documentation
|
2555
|
+
#
|
2556
|
+
# @overload stop_replication_to_replica(params = {})
|
2557
|
+
# @param [Hash] params ({})
|
2558
|
+
def stop_replication_to_replica(params = {}, options = {})
|
2559
|
+
req = build_request(:stop_replication_to_replica, params)
|
2560
|
+
req.send_request(options)
|
2561
|
+
end
|
2562
|
+
|
2403
2563
|
# Attaches one or more tags, each consisting of a key name and a value,
|
2404
2564
|
# to the specified secret. Tags are part of the secret's overall
|
2405
2565
|
# metadata, and are not associated with any specific version of the
|
@@ -2481,7 +2641,7 @@ module Aws::SecretsManager
|
|
2481
2641
|
# information on how to format a JSON parameter for the various command
|
2482
2642
|
# line tool environments, see [Using JSON for Parameters][1] in the *AWS
|
2483
2643
|
# CLI User Guide*. For the AWS CLI, you can also use the syntax: `--Tags
|
2484
|
-
# Key="Key1",Value="Value1"
|
2644
|
+
# Key="Key1",Value="Value1" Key="Key2",Value="Value2"[,…]`
|
2485
2645
|
#
|
2486
2646
|
#
|
2487
2647
|
#
|
@@ -3088,16 +3248,38 @@ module Aws::SecretsManager
|
|
3088
3248
|
req.send_request(options)
|
3089
3249
|
end
|
3090
3250
|
|
3091
|
-
# Validates the
|
3092
|
-
# to
|
3093
|
-
# output displays formatted code with white space and line
|
3094
|
-
# better readability. Submit your input as a single line JSON
|
3095
|
-
# resource-based policy is optional.
|
3251
|
+
# Validates that the resource policy does not grant a wide range of IAM
|
3252
|
+
# principals access to your secret. The JSON request string input and
|
3253
|
+
# response output displays formatted code with white space and line
|
3254
|
+
# breaks for better readability. Submit your input as a single line JSON
|
3255
|
+
# string. A resource-based policy is optional for secrets.
|
3256
|
+
#
|
3257
|
+
# The API performs three checks when validating the secret:
|
3258
|
+
#
|
3259
|
+
# * Sends a call to [Zelkova][1], an automated reasoning engine, to
|
3260
|
+
# ensure your Resource Policy does not allow broad access to your
|
3261
|
+
# secret.
|
3262
|
+
#
|
3263
|
+
# * Checks for correct syntax in a policy.
|
3264
|
+
#
|
3265
|
+
# * Verifies the policy does not lock out a caller.
|
3266
|
+
#
|
3267
|
+
# **Minimum Permissions**
|
3268
|
+
#
|
3269
|
+
# You must have the permissions required to access the following APIs:
|
3270
|
+
#
|
3271
|
+
# * `secretsmanager:PutResourcePolicy`
|
3272
|
+
#
|
3273
|
+
# * `secretsmanager:ValidateResourcePolicy`
|
3274
|
+
#
|
3275
|
+
#
|
3276
|
+
#
|
3277
|
+
# [1]: https://aws.amazon.com/blogs/security/protect-sensitive-data-in-the-cloud-with-automated-reasoning-zelkova/
|
3096
3278
|
#
|
3097
3279
|
# @option params [String] :secret_id
|
3098
|
-
# The identifier
|
3099
|
-
#
|
3100
|
-
# friendly name of the secret.
|
3280
|
+
# (Optional) The identifier of the secret with the resource-based policy
|
3281
|
+
# you want to validate. You can specify either the Amazon Resource Name
|
3282
|
+
# (ARN) or the friendly name of the secret.
|
3101
3283
|
#
|
3102
3284
|
# <note markdown="1"> If you specify an ARN, we generally recommend that you specify a
|
3103
3285
|
# complete ARN. You can specify a partial ARN too—for example, if you
|
@@ -3121,7 +3303,16 @@ module Aws::SecretsManager
|
|
3121
3303
|
# </note>
|
3122
3304
|
#
|
3123
3305
|
# @option params [required, String] :resource_policy
|
3124
|
-
#
|
3306
|
+
# A JSON-formatted string constructed according to the grammar and
|
3307
|
+
# syntax for an AWS resource-based policy. The policy in the string
|
3308
|
+
# identifies who can access or manage this secret and its versions. For
|
3309
|
+
# information on how to format a JSON parameter for the various command
|
3310
|
+
# line tool environments, see [Using JSON for Parameters][1] in the *AWS
|
3311
|
+
# CLI User Guide*.publi
|
3312
|
+
#
|
3313
|
+
#
|
3314
|
+
#
|
3315
|
+
# [1]: http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json
|
3125
3316
|
#
|
3126
3317
|
# @return [Types::ValidateResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
3127
3318
|
#
|
@@ -3181,7 +3372,7 @@ module Aws::SecretsManager
|
|
3181
3372
|
params: params,
|
3182
3373
|
config: config)
|
3183
3374
|
context[:gem_name] = 'aws-sdk-secretsmanager'
|
3184
|
-
context[:gem_version] = '1.
|
3375
|
+
context[:gem_version] = '1.45.0'
|
3185
3376
|
Seahorse::Client::Request.new(handlers, context)
|
3186
3377
|
end
|
3187
3378
|
|
@@ -13,6 +13,7 @@ module Aws::SecretsManager
|
|
13
13
|
|
14
14
|
include Seahorse::Model
|
15
15
|
|
16
|
+
AddReplicaRegionListType = Shapes::ListShape.new(name: 'AddReplicaRegionListType')
|
16
17
|
AutomaticallyRotateAfterDaysType = Shapes::IntegerShape.new(name: 'AutomaticallyRotateAfterDaysType')
|
17
18
|
BooleanType = Shapes::BooleanShape.new(name: 'BooleanType')
|
18
19
|
CancelRotateSecretRequest = Shapes::StructureShape.new(name: 'CancelRotateSecretRequest')
|
@@ -78,6 +79,15 @@ module Aws::SecretsManager
|
|
78
79
|
PutSecretValueResponse = Shapes::StructureShape.new(name: 'PutSecretValueResponse')
|
79
80
|
RandomPasswordType = Shapes::StringShape.new(name: 'RandomPasswordType')
|
80
81
|
RecoveryWindowInDaysType = Shapes::IntegerShape.new(name: 'RecoveryWindowInDaysType')
|
82
|
+
RegionType = Shapes::StringShape.new(name: 'RegionType')
|
83
|
+
RemoveRegionsFromReplicationRequest = Shapes::StructureShape.new(name: 'RemoveRegionsFromReplicationRequest')
|
84
|
+
RemoveRegionsFromReplicationResponse = Shapes::StructureShape.new(name: 'RemoveRegionsFromReplicationResponse')
|
85
|
+
RemoveReplicaRegionListType = Shapes::ListShape.new(name: 'RemoveReplicaRegionListType')
|
86
|
+
ReplicaRegionType = Shapes::StructureShape.new(name: 'ReplicaRegionType')
|
87
|
+
ReplicateSecretToRegionsRequest = Shapes::StructureShape.new(name: 'ReplicateSecretToRegionsRequest')
|
88
|
+
ReplicateSecretToRegionsResponse = Shapes::StructureShape.new(name: 'ReplicateSecretToRegionsResponse')
|
89
|
+
ReplicationStatusListType = Shapes::ListShape.new(name: 'ReplicationStatusListType')
|
90
|
+
ReplicationStatusType = Shapes::StructureShape.new(name: 'ReplicationStatusType')
|
81
91
|
RequireEachIncludedTypeType = Shapes::BooleanShape.new(name: 'RequireEachIncludedTypeType')
|
82
92
|
ResourceExistsException = Shapes::StructureShape.new(name: 'ResourceExistsException')
|
83
93
|
ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
|
@@ -102,6 +112,10 @@ module Aws::SecretsManager
|
|
102
112
|
SecretVersionsListType = Shapes::ListShape.new(name: 'SecretVersionsListType')
|
103
113
|
SecretVersionsToStagesMapType = Shapes::MapShape.new(name: 'SecretVersionsToStagesMapType')
|
104
114
|
SortOrderType = Shapes::StringShape.new(name: 'SortOrderType')
|
115
|
+
StatusMessageType = Shapes::StringShape.new(name: 'StatusMessageType')
|
116
|
+
StatusType = Shapes::StringShape.new(name: 'StatusType')
|
117
|
+
StopReplicationToReplicaRequest = Shapes::StructureShape.new(name: 'StopReplicationToReplicaRequest')
|
118
|
+
StopReplicationToReplicaResponse = Shapes::StructureShape.new(name: 'StopReplicationToReplicaResponse')
|
105
119
|
Tag = Shapes::StructureShape.new(name: 'Tag')
|
106
120
|
TagKeyListType = Shapes::ListShape.new(name: 'TagKeyListType')
|
107
121
|
TagKeyType = Shapes::StringShape.new(name: 'TagKeyType')
|
@@ -119,6 +133,8 @@ module Aws::SecretsManager
|
|
119
133
|
ValidationErrorsEntry = Shapes::StructureShape.new(name: 'ValidationErrorsEntry')
|
120
134
|
ValidationErrorsType = Shapes::ListShape.new(name: 'ValidationErrorsType')
|
121
135
|
|
136
|
+
AddReplicaRegionListType.member = Shapes::ShapeRef.new(shape: ReplicaRegionType)
|
137
|
+
|
122
138
|
CancelRotateSecretRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
|
123
139
|
CancelRotateSecretRequest.struct_class = Types::CancelRotateSecretRequest
|
124
140
|
|
@@ -134,11 +150,14 @@ module Aws::SecretsManager
|
|
134
150
|
CreateSecretRequest.add_member(:secret_binary, Shapes::ShapeRef.new(shape: SecretBinaryType, location_name: "SecretBinary"))
|
135
151
|
CreateSecretRequest.add_member(:secret_string, Shapes::ShapeRef.new(shape: SecretStringType, location_name: "SecretString"))
|
136
152
|
CreateSecretRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagListType, location_name: "Tags"))
|
153
|
+
CreateSecretRequest.add_member(:add_replica_regions, Shapes::ShapeRef.new(shape: AddReplicaRegionListType, location_name: "AddReplicaRegions"))
|
154
|
+
CreateSecretRequest.add_member(:force_overwrite_replica_secret, Shapes::ShapeRef.new(shape: BooleanType, location_name: "ForceOverwriteReplicaSecret"))
|
137
155
|
CreateSecretRequest.struct_class = Types::CreateSecretRequest
|
138
156
|
|
139
157
|
CreateSecretResponse.add_member(:arn, Shapes::ShapeRef.new(shape: SecretARNType, location_name: "ARN"))
|
140
158
|
CreateSecretResponse.add_member(:name, Shapes::ShapeRef.new(shape: SecretNameType, location_name: "Name"))
|
141
159
|
CreateSecretResponse.add_member(:version_id, Shapes::ShapeRef.new(shape: SecretVersionIdType, location_name: "VersionId"))
|
160
|
+
CreateSecretResponse.add_member(:replication_status, Shapes::ShapeRef.new(shape: ReplicationStatusListType, location_name: "ReplicationStatus"))
|
142
161
|
CreateSecretResponse.struct_class = Types::CreateSecretResponse
|
143
162
|
|
144
163
|
DecryptionFailure.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
|
@@ -179,6 +198,8 @@ module Aws::SecretsManager
|
|
179
198
|
DescribeSecretResponse.add_member(:version_ids_to_stages, Shapes::ShapeRef.new(shape: SecretVersionsToStagesMapType, location_name: "VersionIdsToStages"))
|
180
199
|
DescribeSecretResponse.add_member(:owning_service, Shapes::ShapeRef.new(shape: OwningServiceType, location_name: "OwningService"))
|
181
200
|
DescribeSecretResponse.add_member(:created_date, Shapes::ShapeRef.new(shape: TimestampType, location_name: "CreatedDate", metadata: {"box"=>true}))
|
201
|
+
DescribeSecretResponse.add_member(:primary_region, Shapes::ShapeRef.new(shape: RegionType, location_name: "PrimaryRegion"))
|
202
|
+
DescribeSecretResponse.add_member(:replication_status, Shapes::ShapeRef.new(shape: ReplicationStatusListType, location_name: "ReplicationStatus"))
|
182
203
|
DescribeSecretResponse.struct_class = Types::DescribeSecretResponse
|
183
204
|
|
184
205
|
EncryptionFailure.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
|
@@ -295,6 +316,38 @@ module Aws::SecretsManager
|
|
295
316
|
PutSecretValueResponse.add_member(:version_stages, Shapes::ShapeRef.new(shape: SecretVersionStagesType, location_name: "VersionStages"))
|
296
317
|
PutSecretValueResponse.struct_class = Types::PutSecretValueResponse
|
297
318
|
|
319
|
+
RemoveRegionsFromReplicationRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
|
320
|
+
RemoveRegionsFromReplicationRequest.add_member(:remove_replica_regions, Shapes::ShapeRef.new(shape: RemoveReplicaRegionListType, required: true, location_name: "RemoveReplicaRegions"))
|
321
|
+
RemoveRegionsFromReplicationRequest.struct_class = Types::RemoveRegionsFromReplicationRequest
|
322
|
+
|
323
|
+
RemoveRegionsFromReplicationResponse.add_member(:arn, Shapes::ShapeRef.new(shape: SecretARNType, location_name: "ARN"))
|
324
|
+
RemoveRegionsFromReplicationResponse.add_member(:replication_status, Shapes::ShapeRef.new(shape: ReplicationStatusListType, location_name: "ReplicationStatus"))
|
325
|
+
RemoveRegionsFromReplicationResponse.struct_class = Types::RemoveRegionsFromReplicationResponse
|
326
|
+
|
327
|
+
RemoveReplicaRegionListType.member = Shapes::ShapeRef.new(shape: RegionType)
|
328
|
+
|
329
|
+
ReplicaRegionType.add_member(:region, Shapes::ShapeRef.new(shape: RegionType, location_name: "Region"))
|
330
|
+
ReplicaRegionType.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: KmsKeyIdType, location_name: "KmsKeyId"))
|
331
|
+
ReplicaRegionType.struct_class = Types::ReplicaRegionType
|
332
|
+
|
333
|
+
ReplicateSecretToRegionsRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
|
334
|
+
ReplicateSecretToRegionsRequest.add_member(:add_replica_regions, Shapes::ShapeRef.new(shape: AddReplicaRegionListType, required: true, location_name: "AddReplicaRegions"))
|
335
|
+
ReplicateSecretToRegionsRequest.add_member(:force_overwrite_replica_secret, Shapes::ShapeRef.new(shape: BooleanType, location_name: "ForceOverwriteReplicaSecret"))
|
336
|
+
ReplicateSecretToRegionsRequest.struct_class = Types::ReplicateSecretToRegionsRequest
|
337
|
+
|
338
|
+
ReplicateSecretToRegionsResponse.add_member(:arn, Shapes::ShapeRef.new(shape: SecretARNType, location_name: "ARN"))
|
339
|
+
ReplicateSecretToRegionsResponse.add_member(:replication_status, Shapes::ShapeRef.new(shape: ReplicationStatusListType, location_name: "ReplicationStatus"))
|
340
|
+
ReplicateSecretToRegionsResponse.struct_class = Types::ReplicateSecretToRegionsResponse
|
341
|
+
|
342
|
+
ReplicationStatusListType.member = Shapes::ShapeRef.new(shape: ReplicationStatusType)
|
343
|
+
|
344
|
+
ReplicationStatusType.add_member(:region, Shapes::ShapeRef.new(shape: RegionType, location_name: "Region"))
|
345
|
+
ReplicationStatusType.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: KmsKeyIdType, location_name: "KmsKeyId"))
|
346
|
+
ReplicationStatusType.add_member(:status, Shapes::ShapeRef.new(shape: StatusType, location_name: "Status"))
|
347
|
+
ReplicationStatusType.add_member(:status_message, Shapes::ShapeRef.new(shape: StatusMessageType, location_name: "StatusMessage"))
|
348
|
+
ReplicationStatusType.add_member(:last_accessed_date, Shapes::ShapeRef.new(shape: LastAccessedDateType, location_name: "LastAccessedDate"))
|
349
|
+
ReplicationStatusType.struct_class = Types::ReplicationStatusType
|
350
|
+
|
298
351
|
ResourceExistsException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
|
299
352
|
ResourceExistsException.struct_class = Types::ResourceExistsException
|
300
353
|
|
@@ -337,6 +390,7 @@ module Aws::SecretsManager
|
|
337
390
|
SecretListEntry.add_member(:secret_versions_to_stages, Shapes::ShapeRef.new(shape: SecretVersionsToStagesMapType, location_name: "SecretVersionsToStages"))
|
338
391
|
SecretListEntry.add_member(:owning_service, Shapes::ShapeRef.new(shape: OwningServiceType, location_name: "OwningService"))
|
339
392
|
SecretListEntry.add_member(:created_date, Shapes::ShapeRef.new(shape: TimestampType, location_name: "CreatedDate", metadata: {"box"=>true}))
|
393
|
+
SecretListEntry.add_member(:primary_region, Shapes::ShapeRef.new(shape: RegionType, location_name: "PrimaryRegion"))
|
340
394
|
SecretListEntry.struct_class = Types::SecretListEntry
|
341
395
|
|
342
396
|
SecretListType.member = Shapes::ShapeRef.new(shape: SecretListEntry)
|
@@ -354,6 +408,12 @@ module Aws::SecretsManager
|
|
354
408
|
SecretVersionsToStagesMapType.key = Shapes::ShapeRef.new(shape: SecretVersionIdType)
|
355
409
|
SecretVersionsToStagesMapType.value = Shapes::ShapeRef.new(shape: SecretVersionStagesType)
|
356
410
|
|
411
|
+
StopReplicationToReplicaRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
|
412
|
+
StopReplicationToReplicaRequest.struct_class = Types::StopReplicationToReplicaRequest
|
413
|
+
|
414
|
+
StopReplicationToReplicaResponse.add_member(:arn, Shapes::ShapeRef.new(shape: SecretARNType, location_name: "ARN"))
|
415
|
+
StopReplicationToReplicaResponse.struct_class = Types::StopReplicationToReplicaResponse
|
416
|
+
|
357
417
|
Tag.add_member(:key, Shapes::ShapeRef.new(shape: TagKeyType, location_name: "Key"))
|
358
418
|
Tag.add_member(:value, Shapes::ShapeRef.new(shape: TagValueType, location_name: "Value"))
|
359
419
|
Tag.struct_class = Types::Tag
|
@@ -464,6 +524,7 @@ module Aws::SecretsManager
|
|
464
524
|
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
465
525
|
o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
|
466
526
|
o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
|
527
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
|
467
528
|
end)
|
468
529
|
|
469
530
|
api.add_operation(:delete_secret, Seahorse::Model::Operation.new.tap do |o|
|
@@ -586,6 +647,30 @@ module Aws::SecretsManager
|
|
586
647
|
o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
|
587
648
|
end)
|
588
649
|
|
650
|
+
api.add_operation(:remove_regions_from_replication, Seahorse::Model::Operation.new.tap do |o|
|
651
|
+
o.name = "RemoveRegionsFromReplication"
|
652
|
+
o.http_method = "POST"
|
653
|
+
o.http_request_uri = "/"
|
654
|
+
o.input = Shapes::ShapeRef.new(shape: RemoveRegionsFromReplicationRequest)
|
655
|
+
o.output = Shapes::ShapeRef.new(shape: RemoveRegionsFromReplicationResponse)
|
656
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
657
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
|
658
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
|
659
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
|
660
|
+
end)
|
661
|
+
|
662
|
+
api.add_operation(:replicate_secret_to_regions, Seahorse::Model::Operation.new.tap do |o|
|
663
|
+
o.name = "ReplicateSecretToRegions"
|
664
|
+
o.http_method = "POST"
|
665
|
+
o.http_request_uri = "/"
|
666
|
+
o.input = Shapes::ShapeRef.new(shape: ReplicateSecretToRegionsRequest)
|
667
|
+
o.output = Shapes::ShapeRef.new(shape: ReplicateSecretToRegionsResponse)
|
668
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
669
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
|
670
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
|
671
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
|
672
|
+
end)
|
673
|
+
|
589
674
|
api.add_operation(:restore_secret, Seahorse::Model::Operation.new.tap do |o|
|
590
675
|
o.name = "RestoreSecret"
|
591
676
|
o.http_method = "POST"
|
@@ -610,6 +695,18 @@ module Aws::SecretsManager
|
|
610
695
|
o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
|
611
696
|
end)
|
612
697
|
|
698
|
+
api.add_operation(:stop_replication_to_replica, Seahorse::Model::Operation.new.tap do |o|
|
699
|
+
o.name = "StopReplicationToReplica"
|
700
|
+
o.http_method = "POST"
|
701
|
+
o.http_request_uri = "/"
|
702
|
+
o.input = Shapes::ShapeRef.new(shape: StopReplicationToReplicaRequest)
|
703
|
+
o.output = Shapes::ShapeRef.new(shape: StopReplicationToReplicaResponse)
|
704
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
705
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
|
706
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
|
707
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
|
708
|
+
end)
|
709
|
+
|
613
710
|
api.add_operation(:tag_resource, Seahorse::Model::Operation.new.tap do |o|
|
614
711
|
o.name = "TagResource"
|
615
712
|
o.http_method = "POST"
|
@@ -96,6 +96,13 @@ module Aws::SecretsManager
|
|
96
96
|
# value: "TagValueType",
|
97
97
|
# },
|
98
98
|
# ],
|
99
|
+
# add_replica_regions: [
|
100
|
+
# {
|
101
|
+
# region: "RegionType",
|
102
|
+
# kms_key_id: "KmsKeyIdType",
|
103
|
+
# },
|
104
|
+
# ],
|
105
|
+
# force_overwrite_replica_secret: false,
|
99
106
|
# }
|
100
107
|
#
|
101
108
|
# @!attribute [rw] name
|
@@ -143,8 +150,8 @@ module Aws::SecretsManager
|
|
143
150
|
#
|
144
151
|
# * If a version with this value already exists and that version's
|
145
152
|
# `SecretString` and `SecretBinary` values are different from those
|
146
|
-
# in the request then the request fails because you cannot modify
|
147
|
-
# existing version. Instead, use PutSecretValue to create a new
|
153
|
+
# in the request, then the request fails because you cannot modify
|
154
|
+
# an existing version. Instead, use PutSecretValue to create a new
|
148
155
|
# version.
|
149
156
|
#
|
150
157
|
# This value becomes the `VersionId` of the new version.
|
@@ -279,6 +286,17 @@ module Aws::SecretsManager
|
|
279
286
|
# [1]: https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json
|
280
287
|
# @return [Array<Types::Tag>]
|
281
288
|
#
|
289
|
+
# @!attribute [rw] add_replica_regions
|
290
|
+
# (Optional) Add a list of regions to replicate secrets. Secrets
|
291
|
+
# Manager replicates the KMSKeyID objects to the list of regions
|
292
|
+
# specified in the parameter.
|
293
|
+
# @return [Array<Types::ReplicaRegionType>]
|
294
|
+
#
|
295
|
+
# @!attribute [rw] force_overwrite_replica_secret
|
296
|
+
# (Optional) If set, the replication overwrites a secret with the same
|
297
|
+
# name in the destination region.
|
298
|
+
# @return [Boolean]
|
299
|
+
#
|
282
300
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/CreateSecretRequest AWS API Documentation
|
283
301
|
#
|
284
302
|
class CreateSecretRequest < Struct.new(
|
@@ -288,7 +306,9 @@ module Aws::SecretsManager
|
|
288
306
|
:kms_key_id,
|
289
307
|
:secret_binary,
|
290
308
|
:secret_string,
|
291
|
-
:tags
|
309
|
+
:tags,
|
310
|
+
:add_replica_regions,
|
311
|
+
:force_overwrite_replica_secret)
|
292
312
|
SENSITIVE = [:secret_binary, :secret_string]
|
293
313
|
include Aws::Structure
|
294
314
|
end
|
@@ -316,12 +336,18 @@ module Aws::SecretsManager
|
|
316
336
|
# just created.
|
317
337
|
# @return [String]
|
318
338
|
#
|
339
|
+
# @!attribute [rw] replication_status
|
340
|
+
# Describes a list of replication status objects as `InProgress`,
|
341
|
+
# `Failed` or `InSync`.
|
342
|
+
# @return [Array<Types::ReplicationStatusType>]
|
343
|
+
#
|
319
344
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/CreateSecretResponse AWS API Documentation
|
320
345
|
#
|
321
346
|
class CreateSecretResponse < Struct.new(
|
322
347
|
:arn,
|
323
348
|
:name,
|
324
|
-
:version_id
|
349
|
+
:version_id,
|
350
|
+
:replication_status)
|
325
351
|
SENSITIVE = []
|
326
352
|
include Aws::Structure
|
327
353
|
end
|
@@ -412,8 +438,8 @@ module Aws::SecretsManager
|
|
412
438
|
# }
|
413
439
|
#
|
414
440
|
# @!attribute [rw] secret_id
|
415
|
-
# Specifies the secret
|
416
|
-
#
|
441
|
+
# Specifies the secret to delete. You can specify either the Amazon
|
442
|
+
# Resource Name (ARN) or the friendly name of the secret.
|
417
443
|
#
|
418
444
|
# <note markdown="1"> If you specify an ARN, we generally recommend that you specify a
|
419
445
|
# complete ARN. You can specify a partial ARN too—for example, if you
|
@@ -440,10 +466,11 @@ module Aws::SecretsManager
|
|
440
466
|
#
|
441
467
|
# @!attribute [rw] recovery_window_in_days
|
442
468
|
# (Optional) Specifies the number of days that Secrets Manager waits
|
443
|
-
# before
|
444
|
-
# and the `ForceDeleteWithoutRecovery` parameter in the
|
469
|
+
# before Secrets Manager can delete the secret. You can't use both
|
470
|
+
# this parameter and the `ForceDeleteWithoutRecovery` parameter in the
|
471
|
+
# same API call.
|
445
472
|
#
|
446
|
-
# This value can range from 7 to 30 days
|
473
|
+
# This value can range from 7 to 30 days with a default value of 30.
|
447
474
|
# @return [Integer]
|
448
475
|
#
|
449
476
|
# @!attribute [rw] force_delete_without_recovery
|
@@ -461,8 +488,12 @@ module Aws::SecretsManager
|
|
461
488
|
# to skip the normal waiting period before the permanent deletion that
|
462
489
|
# AWS would normally impose with the `RecoveryWindowInDays` parameter.
|
463
490
|
# If you delete a secret with the `ForceDeleteWithouRecovery`
|
464
|
-
# parameter, then you have no opportunity to recover the secret.
|
465
|
-
# permanently
|
491
|
+
# parameter, then you have no opportunity to recover the secret. You
|
492
|
+
# lose the secret permanently.
|
493
|
+
#
|
494
|
+
# If you use this parameter and include a previously deleted or
|
495
|
+
# nonexistent secret, the operation does not return the error
|
496
|
+
# `ResourceNotFoundException` in order to correctly handle retries.
|
466
497
|
# @return [Boolean]
|
467
498
|
#
|
468
499
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/DeleteSecretRequest AWS API Documentation
|
@@ -480,7 +511,7 @@ module Aws::SecretsManager
|
|
480
511
|
# @return [String]
|
481
512
|
#
|
482
513
|
# @!attribute [rw] name
|
483
|
-
# The friendly name of the secret
|
514
|
+
# The friendly name of the secret currently scheduled for deletion.
|
484
515
|
# @return [String]
|
485
516
|
#
|
486
517
|
# @!attribute [rw] deletion_date
|
@@ -578,14 +609,16 @@ module Aws::SecretsManager
|
|
578
609
|
# @return [String]
|
579
610
|
#
|
580
611
|
# @!attribute [rw] rotation_rules
|
581
|
-
# A structure
|
582
|
-
# secret.
|
612
|
+
# A structure with the rotation configuration for this secret.
|
583
613
|
# @return [Types::RotationRulesType]
|
584
614
|
#
|
585
615
|
# @!attribute [rw] last_rotated_date
|
616
|
+
# The last date and time that the rotation process for this secret was
|
617
|
+
# invoked.
|
618
|
+
#
|
586
619
|
# The most recent date and time that the Secrets Manager rotation
|
587
|
-
# process
|
588
|
-
#
|
620
|
+
# process successfully completed. If the secret doesn't rotate,
|
621
|
+
# Secrets Manager returns a null value.
|
589
622
|
# @return [Time]
|
590
623
|
#
|
591
624
|
# @!attribute [rw] last_changed_date
|
@@ -632,9 +665,18 @@ module Aws::SecretsManager
|
|
632
665
|
# @return [String]
|
633
666
|
#
|
634
667
|
# @!attribute [rw] created_date
|
635
|
-
# The date
|
668
|
+
# The date you created the secret.
|
636
669
|
# @return [Time]
|
637
670
|
#
|
671
|
+
# @!attribute [rw] primary_region
|
672
|
+
# Specifies the primary region for secret replication.
|
673
|
+
# @return [String]
|
674
|
+
#
|
675
|
+
# @!attribute [rw] replication_status
|
676
|
+
# Describes a list of replication status objects as `InProgress`,
|
677
|
+
# `Failed` or `InSync`.`P`
|
678
|
+
# @return [Array<Types::ReplicationStatusType>]
|
679
|
+
#
|
638
680
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/DescribeSecretResponse AWS API Documentation
|
639
681
|
#
|
640
682
|
class DescribeSecretResponse < Struct.new(
|
@@ -652,7 +694,9 @@ module Aws::SecretsManager
|
|
652
694
|
:tags,
|
653
695
|
:version_ids_to_stages,
|
654
696
|
:owning_service,
|
655
|
-
:created_date
|
697
|
+
:created_date,
|
698
|
+
:primary_region,
|
699
|
+
:replication_status)
|
656
700
|
SENSITIVE = []
|
657
701
|
include Aws::Structure
|
658
702
|
end
|
@@ -677,13 +721,14 @@ module Aws::SecretsManager
|
|
677
721
|
include Aws::Structure
|
678
722
|
end
|
679
723
|
|
680
|
-
# Allows you to
|
724
|
+
# Allows you to add filters when you use the search function in Secrets
|
725
|
+
# Manager.
|
681
726
|
#
|
682
727
|
# @note When making an API call, you may pass Filter
|
683
728
|
# data as a hash:
|
684
729
|
#
|
685
730
|
# {
|
686
|
-
# key: "description", # accepts description, name, tag-key, tag-value, all
|
731
|
+
# key: "description", # accepts description, name, tag-key, tag-value, primary-region, all
|
687
732
|
# values: ["FilterValueStringType"],
|
688
733
|
# }
|
689
734
|
#
|
@@ -693,6 +738,9 @@ module Aws::SecretsManager
|
|
693
738
|
#
|
694
739
|
# @!attribute [rw] values
|
695
740
|
# Filters your list of secrets by a specific value.
|
741
|
+
#
|
742
|
+
# You can prefix your search value with an exclamation mark (`!`) in
|
743
|
+
# order to perform negation filters.
|
696
744
|
# @return [Array<String>]
|
697
745
|
#
|
698
746
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/Filter AWS API Documentation
|
@@ -916,11 +964,11 @@ module Aws::SecretsManager
|
|
916
964
|
#
|
917
965
|
# @!attribute [rw] version_id
|
918
966
|
# Specifies the unique identifier of the version of the secret that
|
919
|
-
# you want to retrieve. If you specify this parameter
|
920
|
-
#
|
921
|
-
#
|
922
|
-
#
|
923
|
-
# `AWSCURRENT`.
|
967
|
+
# you want to retrieve. If you specify both this parameter and
|
968
|
+
# `VersionStage`, the two parameters must refer to the same secret
|
969
|
+
# version. If you don't specify either a `VersionStage` or
|
970
|
+
# `VersionId` then the default is to perform the operation on the
|
971
|
+
# version with the `VersionStage` value of `AWSCURRENT`.
|
924
972
|
#
|
925
973
|
# This value is typically a [UUID-type][1] value with 32 hexadecimal
|
926
974
|
# digits.
|
@@ -935,8 +983,9 @@ module Aws::SecretsManager
|
|
935
983
|
# staging label attached to the version.
|
936
984
|
#
|
937
985
|
# Staging labels are used to keep track of different versions during
|
938
|
-
# the rotation process. If you
|
939
|
-
# `VersionId
|
986
|
+
# the rotation process. If you specify both this parameter and
|
987
|
+
# `VersionId`, the two parameters must refer to the same secret
|
988
|
+
# version . If you don't specify either a `VersionStage` or
|
940
989
|
# `VersionId`, then the default is to perform the operation on the
|
941
990
|
# version with the `VersionStage` value of `AWSCURRENT`.
|
942
991
|
# @return [String]
|
@@ -1226,7 +1275,7 @@ module Aws::SecretsManager
|
|
1226
1275
|
# next_token: "NextTokenType",
|
1227
1276
|
# filters: [
|
1228
1277
|
# {
|
1229
|
-
# key: "description", # accepts description, name, tag-key, tag-value, all
|
1278
|
+
# key: "description", # accepts description, name, tag-key, tag-value, primary-region, all
|
1230
1279
|
# values: ["FilterValueStringType"],
|
1231
1280
|
# },
|
1232
1281
|
# ],
|
@@ -1297,7 +1346,7 @@ module Aws::SecretsManager
|
|
1297
1346
|
include Aws::Structure
|
1298
1347
|
end
|
1299
1348
|
|
1300
|
-
#
|
1349
|
+
# You provided a resource-based policy with syntax errors.
|
1301
1350
|
#
|
1302
1351
|
# @!attribute [rw] message
|
1303
1352
|
# @return [String]
|
@@ -1324,7 +1373,8 @@ module Aws::SecretsManager
|
|
1324
1373
|
include Aws::Structure
|
1325
1374
|
end
|
1326
1375
|
|
1327
|
-
# The
|
1376
|
+
# The BlockPublicPolicy parameter is set to true and the resource policy
|
1377
|
+
# did not prevent broad access to the secret.
|
1328
1378
|
#
|
1329
1379
|
# @!attribute [rw] message
|
1330
1380
|
# @return [String]
|
@@ -1348,8 +1398,8 @@ module Aws::SecretsManager
|
|
1348
1398
|
#
|
1349
1399
|
# @!attribute [rw] secret_id
|
1350
1400
|
# Specifies the secret that you want to attach the resource-based
|
1351
|
-
# policy
|
1352
|
-
#
|
1401
|
+
# policy. You can specify either the ARN or the friendly name of the
|
1402
|
+
# secret.
|
1353
1403
|
#
|
1354
1404
|
# <note markdown="1"> If you specify an ARN, we generally recommend that you specify a
|
1355
1405
|
# complete ARN. You can specify a partial ARN too—for example, if you
|
@@ -1375,12 +1425,12 @@ module Aws::SecretsManager
|
|
1375
1425
|
# @return [String]
|
1376
1426
|
#
|
1377
1427
|
# @!attribute [rw] resource_policy
|
1378
|
-
# A JSON-formatted string
|
1379
|
-
#
|
1380
|
-
#
|
1381
|
-
#
|
1382
|
-
#
|
1383
|
-
#
|
1428
|
+
# A JSON-formatted string constructed according to the grammar and
|
1429
|
+
# syntax for an AWS resource-based policy. The policy in the string
|
1430
|
+
# identifies who can access or manage this secret and its versions.
|
1431
|
+
# For information on how to format a JSON parameter for the various
|
1432
|
+
# command line tool environments, see [Using JSON for Parameters][1]
|
1433
|
+
# in the *AWS CLI User Guide*.
|
1384
1434
|
#
|
1385
1435
|
#
|
1386
1436
|
#
|
@@ -1388,8 +1438,9 @@ module Aws::SecretsManager
|
|
1388
1438
|
# @return [String]
|
1389
1439
|
#
|
1390
1440
|
# @!attribute [rw] block_public_policy
|
1391
|
-
#
|
1392
|
-
#
|
1441
|
+
# (Optional) If you set the parameter, `BlockPublicPolicy` to true,
|
1442
|
+
# then you block resource-based policies that allow broad access to
|
1443
|
+
# the secret.
|
1393
1444
|
# @return [Boolean]
|
1394
1445
|
#
|
1395
1446
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/PutResourcePolicyRequest AWS API Documentation
|
@@ -1407,8 +1458,8 @@ module Aws::SecretsManager
|
|
1407
1458
|
# @return [String]
|
1408
1459
|
#
|
1409
1460
|
# @!attribute [rw] name
|
1410
|
-
# The friendly name of the secret
|
1411
|
-
#
|
1461
|
+
# The friendly name of the secret retrieved by the resource-based
|
1462
|
+
# policy.
|
1412
1463
|
# @return [String]
|
1413
1464
|
#
|
1414
1465
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/PutResourcePolicyResponse AWS API Documentation
|
@@ -1608,6 +1659,170 @@ module Aws::SecretsManager
|
|
1608
1659
|
include Aws::Structure
|
1609
1660
|
end
|
1610
1661
|
|
1662
|
+
# @note When making an API call, you may pass RemoveRegionsFromReplicationRequest
|
1663
|
+
# data as a hash:
|
1664
|
+
#
|
1665
|
+
# {
|
1666
|
+
# secret_id: "SecretIdType", # required
|
1667
|
+
# remove_replica_regions: ["RegionType"], # required
|
1668
|
+
# }
|
1669
|
+
#
|
1670
|
+
# @!attribute [rw] secret_id
|
1671
|
+
# Remove a secret by `SecretId` from replica Regions.
|
1672
|
+
# @return [String]
|
1673
|
+
#
|
1674
|
+
# @!attribute [rw] remove_replica_regions
|
1675
|
+
# Remove replication from specific Regions.
|
1676
|
+
# @return [Array<String>]
|
1677
|
+
#
|
1678
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/RemoveRegionsFromReplicationRequest AWS API Documentation
|
1679
|
+
#
|
1680
|
+
class RemoveRegionsFromReplicationRequest < Struct.new(
|
1681
|
+
:secret_id,
|
1682
|
+
:remove_replica_regions)
|
1683
|
+
SENSITIVE = []
|
1684
|
+
include Aws::Structure
|
1685
|
+
end
|
1686
|
+
|
1687
|
+
# @!attribute [rw] arn
|
1688
|
+
# The secret `ARN` removed from replication regions.
|
1689
|
+
# @return [String]
|
1690
|
+
#
|
1691
|
+
# @!attribute [rw] replication_status
|
1692
|
+
# Describes the remaining replication status after you remove regions
|
1693
|
+
# from the replication list.
|
1694
|
+
# @return [Array<Types::ReplicationStatusType>]
|
1695
|
+
#
|
1696
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/RemoveRegionsFromReplicationResponse AWS API Documentation
|
1697
|
+
#
|
1698
|
+
class RemoveRegionsFromReplicationResponse < Struct.new(
|
1699
|
+
:arn,
|
1700
|
+
:replication_status)
|
1701
|
+
SENSITIVE = []
|
1702
|
+
include Aws::Structure
|
1703
|
+
end
|
1704
|
+
|
1705
|
+
# (Optional) Custom type consisting of a `Region` (required) and the
|
1706
|
+
# `KmsKeyId` which can be an `ARN`, `Key ID`, or `Alias`.
|
1707
|
+
#
|
1708
|
+
# @note When making an API call, you may pass ReplicaRegionType
|
1709
|
+
# data as a hash:
|
1710
|
+
#
|
1711
|
+
# {
|
1712
|
+
# region: "RegionType",
|
1713
|
+
# kms_key_id: "KmsKeyIdType",
|
1714
|
+
# }
|
1715
|
+
#
|
1716
|
+
# @!attribute [rw] region
|
1717
|
+
# Describes a single instance of Region objects.
|
1718
|
+
# @return [String]
|
1719
|
+
#
|
1720
|
+
# @!attribute [rw] kms_key_id
|
1721
|
+
# Can be an `ARN`, `Key ID`, or `Alias`.
|
1722
|
+
# @return [String]
|
1723
|
+
#
|
1724
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ReplicaRegionType AWS API Documentation
|
1725
|
+
#
|
1726
|
+
class ReplicaRegionType < Struct.new(
|
1727
|
+
:region,
|
1728
|
+
:kms_key_id)
|
1729
|
+
SENSITIVE = []
|
1730
|
+
include Aws::Structure
|
1731
|
+
end
|
1732
|
+
|
1733
|
+
# @note When making an API call, you may pass ReplicateSecretToRegionsRequest
|
1734
|
+
# data as a hash:
|
1735
|
+
#
|
1736
|
+
# {
|
1737
|
+
# secret_id: "SecretIdType", # required
|
1738
|
+
# add_replica_regions: [ # required
|
1739
|
+
# {
|
1740
|
+
# region: "RegionType",
|
1741
|
+
# kms_key_id: "KmsKeyIdType",
|
1742
|
+
# },
|
1743
|
+
# ],
|
1744
|
+
# force_overwrite_replica_secret: false,
|
1745
|
+
# }
|
1746
|
+
#
|
1747
|
+
# @!attribute [rw] secret_id
|
1748
|
+
# Use the `Secret Id` to replicate a secret to regions.
|
1749
|
+
# @return [String]
|
1750
|
+
#
|
1751
|
+
# @!attribute [rw] add_replica_regions
|
1752
|
+
# Add Regions to replicate the secret.
|
1753
|
+
# @return [Array<Types::ReplicaRegionType>]
|
1754
|
+
#
|
1755
|
+
# @!attribute [rw] force_overwrite_replica_secret
|
1756
|
+
# (Optional) If set, Secrets Manager replication overwrites a secret
|
1757
|
+
# with the same name in the destination region.
|
1758
|
+
# @return [Boolean]
|
1759
|
+
#
|
1760
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ReplicateSecretToRegionsRequest AWS API Documentation
|
1761
|
+
#
|
1762
|
+
class ReplicateSecretToRegionsRequest < Struct.new(
|
1763
|
+
:secret_id,
|
1764
|
+
:add_replica_regions,
|
1765
|
+
:force_overwrite_replica_secret)
|
1766
|
+
SENSITIVE = []
|
1767
|
+
include Aws::Structure
|
1768
|
+
end
|
1769
|
+
|
1770
|
+
# @!attribute [rw] arn
|
1771
|
+
# Replicate a secret based on the `ReplicaRegionType`> consisting
|
1772
|
+
# of a Region(required) and a KMSKeyId (optional) which can be the
|
1773
|
+
# ARN, KeyID, or Alias.
|
1774
|
+
# @return [String]
|
1775
|
+
#
|
1776
|
+
# @!attribute [rw] replication_status
|
1777
|
+
# Describes the secret replication status as `PENDING`, `SUCCESS` or
|
1778
|
+
# `FAIL`.
|
1779
|
+
# @return [Array<Types::ReplicationStatusType>]
|
1780
|
+
#
|
1781
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ReplicateSecretToRegionsResponse AWS API Documentation
|
1782
|
+
#
|
1783
|
+
class ReplicateSecretToRegionsResponse < Struct.new(
|
1784
|
+
:arn,
|
1785
|
+
:replication_status)
|
1786
|
+
SENSITIVE = []
|
1787
|
+
include Aws::Structure
|
1788
|
+
end
|
1789
|
+
|
1790
|
+
# A replication object consisting of a `RegionReplicationStatus` object
|
1791
|
+
# and includes a Region, KMSKeyId, status, and status message.
|
1792
|
+
#
|
1793
|
+
# @!attribute [rw] region
|
1794
|
+
# The Region where replication occurs.
|
1795
|
+
# @return [String]
|
1796
|
+
#
|
1797
|
+
# @!attribute [rw] kms_key_id
|
1798
|
+
# Can be an `ARN`, `Key ID`, or `Alias`.
|
1799
|
+
# @return [String]
|
1800
|
+
#
|
1801
|
+
# @!attribute [rw] status
|
1802
|
+
# The status can be `InProgress`, `Failed`, or `InSync`.
|
1803
|
+
# @return [String]
|
1804
|
+
#
|
1805
|
+
# @!attribute [rw] status_message
|
1806
|
+
# Status message such as "*Secret with this name already exists in
|
1807
|
+
# this region*".
|
1808
|
+
# @return [String]
|
1809
|
+
#
|
1810
|
+
# @!attribute [rw] last_accessed_date
|
1811
|
+
# The date that you last accessed the secret in the Region.
|
1812
|
+
# @return [Time]
|
1813
|
+
#
|
1814
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ReplicationStatusType AWS API Documentation
|
1815
|
+
#
|
1816
|
+
class ReplicationStatusType < Struct.new(
|
1817
|
+
:region,
|
1818
|
+
:kms_key_id,
|
1819
|
+
:status,
|
1820
|
+
:status_message,
|
1821
|
+
:last_accessed_date)
|
1822
|
+
SENSITIVE = []
|
1823
|
+
include Aws::Structure
|
1824
|
+
end
|
1825
|
+
|
1611
1826
|
# A resource with the ID you requested already exists.
|
1612
1827
|
#
|
1613
1828
|
# @!attribute [rw] message
|
@@ -1886,8 +2101,9 @@ module Aws::SecretsManager
|
|
1886
2101
|
# @return [Types::RotationRulesType]
|
1887
2102
|
#
|
1888
2103
|
# @!attribute [rw] last_rotated_date
|
1889
|
-
# The
|
1890
|
-
#
|
2104
|
+
# The most recent date and time that the Secrets Manager rotation
|
2105
|
+
# process was successfully completed. This value is null if the secret
|
2106
|
+
# hasn't ever rotated.
|
1891
2107
|
# @return [Time]
|
1892
2108
|
#
|
1893
2109
|
# @!attribute [rw] last_changed_date
|
@@ -1934,6 +2150,10 @@ module Aws::SecretsManager
|
|
1934
2150
|
# The date and time when a secret was created.
|
1935
2151
|
# @return [Time]
|
1936
2152
|
#
|
2153
|
+
# @!attribute [rw] primary_region
|
2154
|
+
# The Region where Secrets Manager originated the secret.
|
2155
|
+
# @return [String]
|
2156
|
+
#
|
1937
2157
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/SecretListEntry AWS API Documentation
|
1938
2158
|
#
|
1939
2159
|
class SecretListEntry < Struct.new(
|
@@ -1951,7 +2171,8 @@ module Aws::SecretsManager
|
|
1951
2171
|
:tags,
|
1952
2172
|
:secret_versions_to_stages,
|
1953
2173
|
:owning_service,
|
1954
|
-
:created_date
|
2174
|
+
:created_date,
|
2175
|
+
:primary_region)
|
1955
2176
|
SENSITIVE = []
|
1956
2177
|
include Aws::Structure
|
1957
2178
|
end
|
@@ -1988,6 +2209,39 @@ module Aws::SecretsManager
|
|
1988
2209
|
include Aws::Structure
|
1989
2210
|
end
|
1990
2211
|
|
2212
|
+
# @note When making an API call, you may pass StopReplicationToReplicaRequest
|
2213
|
+
# data as a hash:
|
2214
|
+
#
|
2215
|
+
# {
|
2216
|
+
# secret_id: "SecretIdType", # required
|
2217
|
+
# }
|
2218
|
+
#
|
2219
|
+
# @!attribute [rw] secret_id
|
2220
|
+
# Response to `StopReplicationToReplica` of a secret, based on the
|
2221
|
+
# `SecretId`.
|
2222
|
+
# @return [String]
|
2223
|
+
#
|
2224
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/StopReplicationToReplicaRequest AWS API Documentation
|
2225
|
+
#
|
2226
|
+
class StopReplicationToReplicaRequest < Struct.new(
|
2227
|
+
:secret_id)
|
2228
|
+
SENSITIVE = []
|
2229
|
+
include Aws::Structure
|
2230
|
+
end
|
2231
|
+
|
2232
|
+
# @!attribute [rw] arn
|
2233
|
+
# Response `StopReplicationToReplica` of a secret, based on the
|
2234
|
+
# `ARN,`.
|
2235
|
+
# @return [String]
|
2236
|
+
#
|
2237
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/StopReplicationToReplicaResponse AWS API Documentation
|
2238
|
+
#
|
2239
|
+
class StopReplicationToReplicaResponse < Struct.new(
|
2240
|
+
:arn)
|
2241
|
+
SENSITIVE = []
|
2242
|
+
include Aws::Structure
|
2243
|
+
end
|
2244
|
+
|
1991
2245
|
# A structure that contains information about a tag.
|
1992
2246
|
#
|
1993
2247
|
# @note When making an API call, you may pass Tag
|
@@ -2064,8 +2318,8 @@ module Aws::SecretsManager
|
|
2064
2318
|
# information on how to format a JSON parameter for the various
|
2065
2319
|
# command line tool environments, see [Using JSON for Parameters][1]
|
2066
2320
|
# in the *AWS CLI User Guide*. For the AWS CLI, you can also use the
|
2067
|
-
# syntax: `--Tags
|
2068
|
-
# Key="
|
2321
|
+
# syntax: `--Tags Key="Key1",Value="Value1"
|
2322
|
+
# Key="Key2",Value="Value2"[,…]`
|
2069
2323
|
#
|
2070
2324
|
#
|
2071
2325
|
#
|
@@ -2435,9 +2689,9 @@ module Aws::SecretsManager
|
|
2435
2689
|
# }
|
2436
2690
|
#
|
2437
2691
|
# @!attribute [rw] secret_id
|
2438
|
-
# The identifier
|
2439
|
-
# policy. You can specify either the Amazon
|
2440
|
-
# friendly name of the secret.
|
2692
|
+
# (Optional) The identifier of the secret with the resource-based
|
2693
|
+
# policy you want to validate. You can specify either the Amazon
|
2694
|
+
# Resource Name (ARN) or the friendly name of the secret.
|
2441
2695
|
#
|
2442
2696
|
# <note markdown="1"> If you specify an ARN, we generally recommend that you specify a
|
2443
2697
|
# complete ARN. You can specify a partial ARN too—for example, if you
|
@@ -2463,7 +2717,16 @@ module Aws::SecretsManager
|
|
2463
2717
|
# @return [String]
|
2464
2718
|
#
|
2465
2719
|
# @!attribute [rw] resource_policy
|
2466
|
-
#
|
2720
|
+
# A JSON-formatted string constructed according to the grammar and
|
2721
|
+
# syntax for an AWS resource-based policy. The policy in the string
|
2722
|
+
# identifies who can access or manage this secret and its versions.
|
2723
|
+
# For information on how to format a JSON parameter for the various
|
2724
|
+
# command line tool environments, see [Using JSON for Parameters][1]
|
2725
|
+
# in the *AWS CLI User Guide*.publi
|
2726
|
+
#
|
2727
|
+
#
|
2728
|
+
#
|
2729
|
+
# [1]: http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json
|
2467
2730
|
# @return [String]
|
2468
2731
|
#
|
2469
2732
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ValidateResourcePolicyRequest AWS API Documentation
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-secretsmanager
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.45.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-03-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|