aws-sdk-secretsmanager 1.46.0 → 1.50.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-secretsmanager/client.rb +267 -541
- data/lib/aws-sdk-secretsmanager/client_api.rb +7 -0
- data/lib/aws-sdk-secretsmanager/types.rb +160 -468
- data/lib/aws-sdk-secretsmanager.rb +1 -1
- metadata +8 -9
@@ -22,27 +22,8 @@ module Aws::SecretsManager
|
|
22
22
|
# either the Amazon Resource Name (ARN) or the friendly name of the
|
23
23
|
# secret.
|
24
24
|
#
|
25
|
-
#
|
26
|
-
#
|
27
|
-
# don’t include the final hyphen and six random characters that
|
28
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
29
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
30
|
-
# only one secret. However, if your secret has a name that ends in a
|
31
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
32
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
33
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
34
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
35
|
-
# unexpected results. To avoid this situation, we recommend that you
|
36
|
-
# don’t create secret names ending with a hyphen followed by six
|
37
|
-
# characters.
|
38
|
-
#
|
39
|
-
# If you specify an incomplete ARN without the random suffix, and
|
40
|
-
# instead provide the 'friendly name', you *must* not include the
|
41
|
-
# random suffix. If you do include the random suffix added by Secrets
|
42
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
43
|
-
# *AccessDeniedException* error, depending on your permissions.
|
44
|
-
#
|
45
|
-
# </note>
|
25
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
26
|
+
# a partial ARN.
|
46
27
|
# @return [String]
|
47
28
|
#
|
48
29
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/CancelRotateSecretRequest AWS API Documentation
|
@@ -125,13 +106,14 @@ module Aws::SecretsManager
|
|
125
106
|
# initial version is created as part of the secret, and this parameter
|
126
107
|
# specifies a unique identifier for the new version.
|
127
108
|
#
|
128
|
-
# <note markdown="1"> If you use the
|
129
|
-
#
|
130
|
-
#
|
131
|
-
#
|
132
|
-
#
|
133
|
-
#
|
134
|
-
#
|
109
|
+
# <note markdown="1"> If you use the Amazon Web Services CLI or one of the Amazon Web
|
110
|
+
# Services SDK to call this operation, then you can leave this
|
111
|
+
# parameter empty. The CLI or SDK generates a random UUID for you and
|
112
|
+
# includes it as the value for this parameter in the request. If you
|
113
|
+
# don't use the SDK and instead generate a raw HTTP request to the
|
114
|
+
# Secrets Manager service endpoint, then you must generate a
|
115
|
+
# `ClientRequestToken` yourself for the new version and include the
|
116
|
+
# value in the request.
|
135
117
|
#
|
136
118
|
# </note>
|
137
119
|
#
|
@@ -169,20 +151,21 @@ module Aws::SecretsManager
|
|
169
151
|
# @return [String]
|
170
152
|
#
|
171
153
|
# @!attribute [rw] kms_key_id
|
172
|
-
# (Optional) Specifies the ARN, Key ID, or alias of the
|
173
|
-
# customer master key (CMK) to be used to encrypt the
|
174
|
-
# or `SecretBinary` values in the versions stored in
|
154
|
+
# (Optional) Specifies the ARN, Key ID, or alias of the Amazon Web
|
155
|
+
# Services KMS customer master key (CMK) to be used to encrypt the
|
156
|
+
# `SecretString` or `SecretBinary` values in the versions stored in
|
157
|
+
# this secret.
|
175
158
|
#
|
176
|
-
# You can specify any of the supported ways to identify a
|
177
|
-
# ID. If you need to reference a CMK in a different
|
178
|
-
# use only the key ARN or the alias ARN.
|
159
|
+
# You can specify any of the supported ways to identify a Amazon Web
|
160
|
+
# Services KMS key ID. If you need to reference a CMK in a different
|
161
|
+
# account, you can use only the key ARN or the alias ARN.
|
179
162
|
#
|
180
163
|
# If you don't specify this value, then Secrets Manager defaults to
|
181
|
-
# using the
|
182
|
-
# `aws/secretsmanager`). If a
|
183
|
-
# exist, then Secrets Manager creates it for you
|
184
|
-
# first time it needs to encrypt a version's
|
185
|
-
# `SecretBinary` fields.
|
164
|
+
# using the Amazon Web Services account's default CMK (the one named
|
165
|
+
# `aws/secretsmanager`). If a Amazon Web Services KMS CMK with that
|
166
|
+
# name doesn't yet exist, then Secrets Manager creates it for you
|
167
|
+
# automatically the first time it needs to encrypt a version's
|
168
|
+
# `SecretString` or `SecretBinary` fields.
|
186
169
|
#
|
187
170
|
# You can use the account default CMK to encrypt and decrypt only if
|
188
171
|
# you call this operation using credentials from the same account that
|
@@ -201,7 +184,8 @@ module Aws::SecretsManager
|
|
201
184
|
# both. They cannot both be empty.
|
202
185
|
#
|
203
186
|
# This parameter is not available using the Secrets Manager console.
|
204
|
-
# It can be accessed only by using the
|
187
|
+
# It can be accessed only by using the Amazon Web Services CLI or one
|
188
|
+
# of the Amazon Web Services SDKs.
|
205
189
|
# @return [String]
|
206
190
|
#
|
207
191
|
# @!attribute [rw] secret_string
|
@@ -218,20 +202,13 @@ module Aws::SecretsManager
|
|
218
202
|
# rotation function knows how to parse.
|
219
203
|
#
|
220
204
|
# For storing multiple values, we recommend that you use a JSON text
|
221
|
-
# string argument and specify key/value pairs. For information
|
222
|
-
#
|
223
|
-
#
|
224
|
-
# User Guide*. For example:
|
225
|
-
#
|
226
|
-
# `\{"username":"bob","password":"abc123xyz456"\}`
|
227
|
-
#
|
228
|
-
# If your command-line tool or SDK requires quotation marks around the
|
229
|
-
# parameter, you should use single quotes to avoid confusion with the
|
230
|
-
# double quotes required in the JSON text.
|
205
|
+
# string argument and specify key/value pairs. For more information,
|
206
|
+
# see [Specifying parameter values for the Amazon Web Services CLI][1]
|
207
|
+
# in the Amazon Web Services CLI User Guide.
|
231
208
|
#
|
232
209
|
#
|
233
210
|
#
|
234
|
-
# [1]: https://docs.aws.amazon.com/cli/latest/userguide/cli-
|
211
|
+
# [1]: https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html
|
235
212
|
# @return [String]
|
236
213
|
#
|
237
214
|
# @!attribute [rw] tags
|
@@ -251,8 +228,8 @@ module Aws::SecretsManager
|
|
251
228
|
#
|
252
229
|
# This parameter requires a JSON text string argument. For information
|
253
230
|
# on how to format a JSON parameter for the various command line tool
|
254
|
-
# environments, see [Using JSON for Parameters][1] in the *
|
255
|
-
#
|
231
|
+
# environments, see [Using JSON for Parameters][1] in the *CLI User
|
232
|
+
# Guide*. For example:
|
256
233
|
#
|
257
234
|
# `[\{"Key":"CostCenter","Value":"12345"\},\{"Key":"environment","Value":"production"\}]`
|
258
235
|
#
|
@@ -271,9 +248,9 @@ module Aws::SecretsManager
|
|
271
248
|
# * Tag keys and values are case sensitive.
|
272
249
|
#
|
273
250
|
# * Do not use the `aws:` prefix in your tag names or values because
|
274
|
-
#
|
275
|
-
# or
|
276
|
-
# against your tags per secret limit.
|
251
|
+
# Amazon Web Services reserves it for Amazon Web Services use. You
|
252
|
+
# can't edit or delete tag names or values with this prefix. Tags
|
253
|
+
# with this prefix do not count against your tags per secret limit.
|
277
254
|
#
|
278
255
|
# * If you use your tagging schema across multiple services and
|
279
256
|
# resources, remember other services might have restrictions on
|
@@ -378,27 +355,8 @@ module Aws::SecretsManager
|
|
378
355
|
# resource-based policy for. You can specify either the Amazon
|
379
356
|
# Resource Name (ARN) or the friendly name of the secret.
|
380
357
|
#
|
381
|
-
#
|
382
|
-
#
|
383
|
-
# don’t include the final hyphen and six random characters that
|
384
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
385
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
386
|
-
# only one secret. However, if your secret has a name that ends in a
|
387
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
388
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
389
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
390
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
391
|
-
# unexpected results. To avoid this situation, we recommend that you
|
392
|
-
# don’t create secret names ending with a hyphen followed by six
|
393
|
-
# characters.
|
394
|
-
#
|
395
|
-
# If you specify an incomplete ARN without the random suffix, and
|
396
|
-
# instead provide the 'friendly name', you *must* not include the
|
397
|
-
# random suffix. If you do include the random suffix added by Secrets
|
398
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
399
|
-
# *AccessDeniedException* error, depending on your permissions.
|
400
|
-
#
|
401
|
-
# </note>
|
358
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
359
|
+
# a partial ARN.
|
402
360
|
# @return [String]
|
403
361
|
#
|
404
362
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/DeleteResourcePolicyRequest AWS API Documentation
|
@@ -441,27 +399,8 @@ module Aws::SecretsManager
|
|
441
399
|
# Specifies the secret to delete. You can specify either the Amazon
|
442
400
|
# Resource Name (ARN) or the friendly name of the secret.
|
443
401
|
#
|
444
|
-
#
|
445
|
-
#
|
446
|
-
# don’t include the final hyphen and six random characters that
|
447
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
448
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
449
|
-
# only one secret. However, if your secret has a name that ends in a
|
450
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
451
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
452
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
453
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
454
|
-
# unexpected results. To avoid this situation, we recommend that you
|
455
|
-
# don’t create secret names ending with a hyphen followed by six
|
456
|
-
# characters.
|
457
|
-
#
|
458
|
-
# If you specify an incomplete ARN without the random suffix, and
|
459
|
-
# instead provide the 'friendly name', you *must* not include the
|
460
|
-
# random suffix. If you do include the random suffix added by Secrets
|
461
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
462
|
-
# *AccessDeniedException* error, depending on your permissions.
|
463
|
-
#
|
464
|
-
# </note>
|
402
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
403
|
+
# a partial ARN.
|
465
404
|
# @return [String]
|
466
405
|
#
|
467
406
|
# @!attribute [rw] recovery_window_in_days
|
@@ -486,10 +425,10 @@ module Aws::SecretsManager
|
|
486
425
|
#
|
487
426
|
# Use this parameter with caution. This parameter causes the operation
|
488
427
|
# to skip the normal waiting period before the permanent deletion that
|
489
|
-
#
|
490
|
-
# If you delete a secret with the
|
491
|
-
# parameter, then you have no opportunity
|
492
|
-
# lose the secret permanently.
|
428
|
+
# Amazon Web Services would normally impose with the
|
429
|
+
# `RecoveryWindowInDays` parameter. If you delete a secret with the
|
430
|
+
# `ForceDeleteWithouRecovery` parameter, then you have no opportunity
|
431
|
+
# to recover the secret. You lose the secret permanently.
|
493
432
|
#
|
494
433
|
# If you use this parameter and include a previously deleted or
|
495
434
|
# nonexistent secret, the operation does not return the error
|
@@ -543,27 +482,8 @@ module Aws::SecretsManager
|
|
543
482
|
# can specify either the Amazon Resource Name (ARN) or the friendly
|
544
483
|
# name of the secret.
|
545
484
|
#
|
546
|
-
#
|
547
|
-
#
|
548
|
-
# don’t include the final hyphen and six random characters that
|
549
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
550
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
551
|
-
# only one secret. However, if your secret has a name that ends in a
|
552
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
553
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
554
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
555
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
556
|
-
# unexpected results. To avoid this situation, we recommend that you
|
557
|
-
# don’t create secret names ending with a hyphen followed by six
|
558
|
-
# characters.
|
559
|
-
#
|
560
|
-
# If you specify an incomplete ARN without the random suffix, and
|
561
|
-
# instead provide the 'friendly name', you *must* not include the
|
562
|
-
# random suffix. If you do include the random suffix added by Secrets
|
563
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
564
|
-
# *AccessDeniedException* error, depending on your permissions.
|
565
|
-
#
|
566
|
-
# </note>
|
485
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
486
|
+
# a partial ARN.
|
567
487
|
# @return [String]
|
568
488
|
#
|
569
489
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/DescribeSecretRequest AWS API Documentation
|
@@ -587,11 +507,12 @@ module Aws::SecretsManager
|
|
587
507
|
# @return [String]
|
588
508
|
#
|
589
509
|
# @!attribute [rw] kms_key_id
|
590
|
-
# The ARN or alias of the
|
591
|
-
# used to encrypt the `SecretString` or `SecretBinary`
|
592
|
-
# version of the secret. If you don't provide a key,
|
593
|
-
# Manager defaults to encrypting the secret fields with
|
594
|
-
#
|
510
|
+
# The ARN or alias of the Amazon Web Services KMS customer master key
|
511
|
+
# (CMK) that's used to encrypt the `SecretString` or `SecretBinary`
|
512
|
+
# fields in each version of the secret. If you don't provide a key,
|
513
|
+
# then Secrets Manager defaults to encrypting the secret fields with
|
514
|
+
# the default Amazon Web Services KMS CMK (the one named
|
515
|
+
# `awssecretsmanager`) for this account.
|
595
516
|
# @return [String]
|
596
517
|
#
|
597
518
|
# @!attribute [rw] rotation_enabled
|
@@ -609,7 +530,8 @@ module Aws::SecretsManager
|
|
609
530
|
# @return [String]
|
610
531
|
#
|
611
532
|
# @!attribute [rw] rotation_rules
|
612
|
-
# A structure with the rotation configuration for this secret.
|
533
|
+
# A structure with the rotation configuration for this secret. This
|
534
|
+
# field is only populated if rotation is configured.
|
613
535
|
# @return [Types::RotationRulesType]
|
614
536
|
#
|
615
537
|
# @!attribute [rw] last_rotated_date
|
@@ -860,27 +782,8 @@ module Aws::SecretsManager
|
|
860
782
|
# resource-based policy for. You can specify either the Amazon
|
861
783
|
# Resource Name (ARN) or the friendly name of the secret.
|
862
784
|
#
|
863
|
-
#
|
864
|
-
#
|
865
|
-
# don’t include the final hyphen and six random characters that
|
866
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
867
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
868
|
-
# only one secret. However, if your secret has a name that ends in a
|
869
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
870
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
871
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
872
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
873
|
-
# unexpected results. To avoid this situation, we recommend that you
|
874
|
-
# don’t create secret names ending with a hyphen followed by six
|
875
|
-
# characters.
|
876
|
-
#
|
877
|
-
# If you specify an incomplete ARN without the random suffix, and
|
878
|
-
# instead provide the 'friendly name', you *must* not include the
|
879
|
-
# random suffix. If you do include the random suffix added by Secrets
|
880
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
881
|
-
# *AccessDeniedException* error, depending on your permissions.
|
882
|
-
#
|
883
|
-
# </note>
|
785
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
786
|
+
# a partial ARN.
|
884
787
|
# @return [String]
|
885
788
|
#
|
886
789
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/GetResourcePolicyRequest AWS API Documentation
|
@@ -907,8 +810,9 @@ module Aws::SecretsManager
|
|
907
810
|
# with any permissions that are associated with the user or role that
|
908
811
|
# attempts to access this secret. The combined permissions specify who
|
909
812
|
# can access the secret and what actions they can perform. For more
|
910
|
-
# information, see [Authentication and Access Control for
|
911
|
-
# Manager][1] in the *
|
813
|
+
# information, see [Authentication and Access Control for Amazon Web
|
814
|
+
# Services Secrets Manager][1] in the *Amazon Web Services Secrets
|
815
|
+
# Manager User Guide*.
|
912
816
|
#
|
913
817
|
#
|
914
818
|
#
|
@@ -939,27 +843,8 @@ module Aws::SecretsManager
|
|
939
843
|
# retrieve. You can specify either the Amazon Resource Name (ARN) or
|
940
844
|
# the friendly name of the secret.
|
941
845
|
#
|
942
|
-
#
|
943
|
-
#
|
944
|
-
# don’t include the final hyphen and six random characters that
|
945
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
946
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
947
|
-
# only one secret. However, if your secret has a name that ends in a
|
948
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
949
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
950
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
951
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
952
|
-
# unexpected results. To avoid this situation, we recommend that you
|
953
|
-
# don’t create secret names ending with a hyphen followed by six
|
954
|
-
# characters.
|
955
|
-
#
|
956
|
-
# If you specify an incomplete ARN without the random suffix, and
|
957
|
-
# instead provide the 'friendly name', you *must* not include the
|
958
|
-
# random suffix. If you do include the random suffix added by Secrets
|
959
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
960
|
-
# *AccessDeniedException* error, depending on your permissions.
|
961
|
-
#
|
962
|
-
# </note>
|
846
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
847
|
+
# a partial ARN.
|
963
848
|
# @return [String]
|
964
849
|
#
|
965
850
|
# @!attribute [rw] version_id
|
@@ -1160,27 +1045,8 @@ module Aws::SecretsManager
|
|
1160
1045
|
# list. You can specify either the Amazon Resource Name (ARN) or the
|
1161
1046
|
# friendly name of the secret.
|
1162
1047
|
#
|
1163
|
-
#
|
1164
|
-
#
|
1165
|
-
# don’t include the final hyphen and six random characters that
|
1166
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
1167
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
1168
|
-
# only one secret. However, if your secret has a name that ends in a
|
1169
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
1170
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
1171
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
1172
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
1173
|
-
# unexpected results. To avoid this situation, we recommend that you
|
1174
|
-
# don’t create secret names ending with a hyphen followed by six
|
1175
|
-
# characters.
|
1176
|
-
#
|
1177
|
-
# If you specify an incomplete ARN without the random suffix, and
|
1178
|
-
# instead provide the 'friendly name', you *must* not include the
|
1179
|
-
# random suffix. If you do include the random suffix added by Secrets
|
1180
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
1181
|
-
# *AccessDeniedException* error, depending on your permissions.
|
1182
|
-
#
|
1183
|
-
# </note>
|
1048
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
1049
|
+
# a partial ARN.
|
1184
1050
|
# @return [String]
|
1185
1051
|
#
|
1186
1052
|
# @!attribute [rw] max_results
|
@@ -1401,36 +1267,17 @@ module Aws::SecretsManager
|
|
1401
1267
|
# policy. You can specify either the ARN or the friendly name of the
|
1402
1268
|
# secret.
|
1403
1269
|
#
|
1404
|
-
#
|
1405
|
-
#
|
1406
|
-
# don’t include the final hyphen and six random characters that
|
1407
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
1408
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
1409
|
-
# only one secret. However, if your secret has a name that ends in a
|
1410
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
1411
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
1412
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
1413
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
1414
|
-
# unexpected results. To avoid this situation, we recommend that you
|
1415
|
-
# don’t create secret names ending with a hyphen followed by six
|
1416
|
-
# characters.
|
1417
|
-
#
|
1418
|
-
# If you specify an incomplete ARN without the random suffix, and
|
1419
|
-
# instead provide the 'friendly name', you *must* not include the
|
1420
|
-
# random suffix. If you do include the random suffix added by Secrets
|
1421
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
1422
|
-
# *AccessDeniedException* error, depending on your permissions.
|
1423
|
-
#
|
1424
|
-
# </note>
|
1270
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
1271
|
+
# a partial ARN.
|
1425
1272
|
# @return [String]
|
1426
1273
|
#
|
1427
1274
|
# @!attribute [rw] resource_policy
|
1428
1275
|
# A JSON-formatted string constructed according to the grammar and
|
1429
|
-
# syntax for an
|
1430
|
-
# identifies who can access or manage this secret and
|
1431
|
-
# For information on how to format a JSON parameter for
|
1432
|
-
# command line tool environments, see [Using JSON for
|
1433
|
-
# in the *
|
1276
|
+
# syntax for an Amazon Web Services resource-based policy. The policy
|
1277
|
+
# in the string identifies who can access or manage this secret and
|
1278
|
+
# its versions. For information on how to format a JSON parameter for
|
1279
|
+
# the various command line tool environments, see [Using JSON for
|
1280
|
+
# Parameters][1] in the *CLI User Guide*.
|
1434
1281
|
#
|
1435
1282
|
#
|
1436
1283
|
#
|
@@ -1487,40 +1334,21 @@ module Aws::SecretsManager
|
|
1487
1334
|
# specify either the Amazon Resource Name (ARN) or the friendly name
|
1488
1335
|
# of the secret. The secret must already exist.
|
1489
1336
|
#
|
1490
|
-
#
|
1491
|
-
#
|
1492
|
-
# don’t include the final hyphen and six random characters that
|
1493
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
1494
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
1495
|
-
# only one secret. However, if your secret has a name that ends in a
|
1496
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
1497
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
1498
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
1499
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
1500
|
-
# unexpected results. To avoid this situation, we recommend that you
|
1501
|
-
# don’t create secret names ending with a hyphen followed by six
|
1502
|
-
# characters.
|
1503
|
-
#
|
1504
|
-
# If you specify an incomplete ARN without the random suffix, and
|
1505
|
-
# instead provide the 'friendly name', you *must* not include the
|
1506
|
-
# random suffix. If you do include the random suffix added by Secrets
|
1507
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
1508
|
-
# *AccessDeniedException* error, depending on your permissions.
|
1509
|
-
#
|
1510
|
-
# </note>
|
1337
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
1338
|
+
# a partial ARN.
|
1511
1339
|
# @return [String]
|
1512
1340
|
#
|
1513
1341
|
# @!attribute [rw] client_request_token
|
1514
1342
|
# (Optional) Specifies a unique identifier for the new version of the
|
1515
1343
|
# secret.
|
1516
1344
|
#
|
1517
|
-
# <note markdown="1"> If you use the
|
1518
|
-
#
|
1519
|
-
#
|
1520
|
-
#
|
1521
|
-
#
|
1522
|
-
# `ClientRequestToken` yourself for new
|
1523
|
-
# value in the request.
|
1345
|
+
# <note markdown="1"> If you use the Amazon Web Services CLI or one of the Amazon Web
|
1346
|
+
# Services SDK to call this operation, then you can leave this
|
1347
|
+
# parameter empty. The CLI or SDK generates a random UUID for you and
|
1348
|
+
# includes that in the request. If you don't use the SDK and instead
|
1349
|
+
# generate a raw HTTP request to the Secrets Manager service endpoint,
|
1350
|
+
# then you must generate a `ClientRequestToken` yourself for new
|
1351
|
+
# versions and include that value in the request.
|
1524
1352
|
#
|
1525
1353
|
# </note>
|
1526
1354
|
#
|
@@ -1580,22 +1408,13 @@ module Aws::SecretsManager
|
|
1580
1408
|
# Lambda rotation function knows how to parse.
|
1581
1409
|
#
|
1582
1410
|
# For storing multiple values, we recommend that you use a JSON text
|
1583
|
-
# string argument and specify key/value pairs. For information
|
1584
|
-
#
|
1585
|
-
#
|
1586
|
-
# User Guide*.
|
1411
|
+
# string argument and specify key/value pairs. For more information,
|
1412
|
+
# see [Specifying parameter values for the Amazon Web Services CLI][1]
|
1413
|
+
# in the Amazon Web Services CLI User Guide.
|
1587
1414
|
#
|
1588
|
-
# For example:
|
1589
1415
|
#
|
1590
|
-
# `[\{"username":"bob"\},\{"password":"abc123xyz456"\}]`
|
1591
1416
|
#
|
1592
|
-
#
|
1593
|
-
# parameter, you should use single quotes to avoid confusion with the
|
1594
|
-
# double quotes required in the JSON text.
|
1595
|
-
#
|
1596
|
-
#
|
1597
|
-
#
|
1598
|
-
# [1]: https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json
|
1417
|
+
# [1]: https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html
|
1599
1418
|
# @return [String]
|
1600
1419
|
#
|
1601
1420
|
# @!attribute [rw] version_stages
|
@@ -1861,27 +1680,8 @@ module Aws::SecretsManager
|
|
1861
1680
|
# scheduled deletion. You can specify either the Amazon Resource Name
|
1862
1681
|
# (ARN) or the friendly name of the secret.
|
1863
1682
|
#
|
1864
|
-
#
|
1865
|
-
#
|
1866
|
-
# don’t include the final hyphen and six random characters that
|
1867
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
1868
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
1869
|
-
# only one secret. However, if your secret has a name that ends in a
|
1870
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
1871
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
1872
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
1873
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
1874
|
-
# unexpected results. To avoid this situation, we recommend that you
|
1875
|
-
# don’t create secret names ending with a hyphen followed by six
|
1876
|
-
# characters.
|
1877
|
-
#
|
1878
|
-
# If you specify an incomplete ARN without the random suffix, and
|
1879
|
-
# instead provide the 'friendly name', you *must* not include the
|
1880
|
-
# random suffix. If you do include the random suffix added by Secrets
|
1881
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
1882
|
-
# *AccessDeniedException* error, depending on your permissions.
|
1883
|
-
#
|
1884
|
-
# </note>
|
1683
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
1684
|
+
# a partial ARN.
|
1885
1685
|
# @return [String]
|
1886
1686
|
#
|
1887
1687
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/RestoreSecretRequest AWS API Documentation
|
@@ -1925,40 +1725,22 @@ module Aws::SecretsManager
|
|
1925
1725
|
# Specifies the secret that you want to rotate. You can specify either
|
1926
1726
|
# the Amazon Resource Name (ARN) or the friendly name of the secret.
|
1927
1727
|
#
|
1928
|
-
#
|
1929
|
-
#
|
1930
|
-
# don’t include the final hyphen and six random characters that
|
1931
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
1932
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
1933
|
-
# only one secret. However, if your secret has a name that ends in a
|
1934
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
1935
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
1936
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
1937
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
1938
|
-
# unexpected results. To avoid this situation, we recommend that you
|
1939
|
-
# don’t create secret names ending with a hyphen followed by six
|
1940
|
-
# characters.
|
1941
|
-
#
|
1942
|
-
# If you specify an incomplete ARN without the random suffix, and
|
1943
|
-
# instead provide the 'friendly name', you *must* not include the
|
1944
|
-
# random suffix. If you do include the random suffix added by Secrets
|
1945
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
1946
|
-
# *AccessDeniedException* error, depending on your permissions.
|
1947
|
-
#
|
1948
|
-
# </note>
|
1728
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
1729
|
+
# a partial ARN.
|
1949
1730
|
# @return [String]
|
1950
1731
|
#
|
1951
1732
|
# @!attribute [rw] client_request_token
|
1952
1733
|
# (Optional) Specifies a unique identifier for the new version of the
|
1953
1734
|
# secret that helps ensure idempotency.
|
1954
1735
|
#
|
1955
|
-
# If you use the
|
1956
|
-
#
|
1957
|
-
#
|
1958
|
-
# parameter. If you don't use
|
1959
|
-
#
|
1960
|
-
#
|
1961
|
-
#
|
1736
|
+
# If you use the Amazon Web Services CLI or one of the Amazon Web
|
1737
|
+
# Services SDK to call this operation, then you can leave this
|
1738
|
+
# parameter empty. The CLI or SDK generates a random UUID for you and
|
1739
|
+
# includes that in the request for this parameter. If you don't use
|
1740
|
+
# the SDK and instead generate a raw HTTP request to the Secrets
|
1741
|
+
# Manager service endpoint, then you must generate a
|
1742
|
+
# `ClientRequestToken` yourself for new versions and include that
|
1743
|
+
# value in the request.
|
1962
1744
|
#
|
1963
1745
|
# You only need to specify your own value if you implement your own
|
1964
1746
|
# retry logic and want to ensure that a given secret is not created
|
@@ -2059,7 +1841,8 @@ module Aws::SecretsManager
|
|
2059
1841
|
# The Amazon Resource Name (ARN) of the secret.
|
2060
1842
|
#
|
2061
1843
|
# For more information about ARNs in Secrets Manager, see [Policy
|
2062
|
-
# Resources][1] in the *
|
1844
|
+
# Resources][1] in the *Amazon Web Services Secrets Manager User
|
1845
|
+
# Guide*.
|
2063
1846
|
#
|
2064
1847
|
#
|
2065
1848
|
#
|
@@ -2078,11 +1861,12 @@ module Aws::SecretsManager
|
|
2078
1861
|
# @return [String]
|
2079
1862
|
#
|
2080
1863
|
# @!attribute [rw] kms_key_id
|
2081
|
-
# The ARN or alias of the
|
2082
|
-
# encrypt the `SecretString` and `SecretBinary` fields
|
2083
|
-
# of the secret. If you don't provide a key, then
|
2084
|
-
# defaults to encrypting the secret fields with the
|
2085
|
-
# the key named `awssecretsmanager`, for this
|
1864
|
+
# The ARN or alias of the Amazon Web Services KMS customer master key
|
1865
|
+
# (CMK) used to encrypt the `SecretString` and `SecretBinary` fields
|
1866
|
+
# in each version of the secret. If you don't provide a key, then
|
1867
|
+
# Secrets Manager defaults to encrypting the secret fields with the
|
1868
|
+
# default KMS CMK, the key named `awssecretsmanager`, for this
|
1869
|
+
# account.
|
2086
1870
|
# @return [String]
|
2087
1871
|
#
|
2088
1872
|
# @!attribute [rw] rotation_enabled
|
@@ -2091,9 +1875,9 @@ module Aws::SecretsManager
|
|
2091
1875
|
# @return [Boolean]
|
2092
1876
|
#
|
2093
1877
|
# @!attribute [rw] rotation_lambda_arn
|
2094
|
-
# The ARN of an
|
2095
|
-
# rotate and expire the secret either automatically per the
|
2096
|
-
# or manually by a call to RotateSecret.
|
1878
|
+
# The ARN of an Amazon Web Services Lambda function invoked by Secrets
|
1879
|
+
# Manager to rotate and expire the secret either automatically per the
|
1880
|
+
# schedule or manually by a call to RotateSecret.
|
2097
1881
|
# @return [String]
|
2098
1882
|
#
|
2099
1883
|
# @!attribute [rw] rotation_rules
|
@@ -2198,13 +1982,18 @@ module Aws::SecretsManager
|
|
2198
1982
|
# The date and time this version of the secret was created.
|
2199
1983
|
# @return [Time]
|
2200
1984
|
#
|
1985
|
+
# @!attribute [rw] kms_key_ids
|
1986
|
+
# The KMS keys used to encrypt the secret version.
|
1987
|
+
# @return [Array<String>]
|
1988
|
+
#
|
2201
1989
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/SecretVersionsListEntry AWS API Documentation
|
2202
1990
|
#
|
2203
1991
|
class SecretVersionsListEntry < Struct.new(
|
2204
1992
|
:version_id,
|
2205
1993
|
:version_stages,
|
2206
1994
|
:last_accessed_date,
|
2207
|
-
:created_date
|
1995
|
+
:created_date,
|
1996
|
+
:kms_key_ids)
|
2208
1997
|
SENSITIVE = []
|
2209
1998
|
include Aws::Structure
|
2210
1999
|
end
|
@@ -2287,43 +2076,24 @@ module Aws::SecretsManager
|
|
2287
2076
|
# can specify either the Amazon Resource Name (ARN) or the friendly
|
2288
2077
|
# name of the secret.
|
2289
2078
|
#
|
2290
|
-
#
|
2291
|
-
#
|
2292
|
-
# don’t include the final hyphen and six random characters that
|
2293
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
2294
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
2295
|
-
# only one secret. However, if your secret has a name that ends in a
|
2296
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
2297
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
2298
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
2299
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
2300
|
-
# unexpected results. To avoid this situation, we recommend that you
|
2301
|
-
# don’t create secret names ending with a hyphen followed by six
|
2302
|
-
# characters.
|
2303
|
-
#
|
2304
|
-
# If you specify an incomplete ARN without the random suffix, and
|
2305
|
-
# instead provide the 'friendly name', you *must* not include the
|
2306
|
-
# random suffix. If you do include the random suffix added by Secrets
|
2307
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
2308
|
-
# *AccessDeniedException* error, depending on your permissions.
|
2309
|
-
#
|
2310
|
-
# </note>
|
2079
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
2080
|
+
# a partial ARN.
|
2311
2081
|
# @return [String]
|
2312
2082
|
#
|
2313
2083
|
# @!attribute [rw] tags
|
2314
2084
|
# The tags to attach to the secret. Each element in the list consists
|
2315
2085
|
# of a `Key` and a `Value`.
|
2316
2086
|
#
|
2317
|
-
# This parameter to the API requires a JSON text string argument.
|
2318
|
-
# information on how to format a JSON parameter for the various
|
2319
|
-
# command line tool environments, see [Using JSON for Parameters][1]
|
2320
|
-
# in the *AWS CLI User Guide*. For the AWS CLI, you can also use the
|
2321
|
-
# syntax: `--Tags Key="Key1",Value="Value1"
|
2322
|
-
# Key="Key2",Value="Value2"[,…]`
|
2087
|
+
# This parameter to the API requires a JSON text string argument.
|
2323
2088
|
#
|
2089
|
+
# For storing multiple values, we recommend that you use a JSON text
|
2090
|
+
# string argument and specify key/value pairs. For more information,
|
2091
|
+
# see [Specifying parameter values for the Amazon Web Services CLI][1]
|
2092
|
+
# in the Amazon Web Services CLI User Guide.
|
2324
2093
|
#
|
2325
2094
|
#
|
2326
|
-
#
|
2095
|
+
#
|
2096
|
+
# [1]: https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html
|
2327
2097
|
# @return [Array<Types::Tag>]
|
2328
2098
|
#
|
2329
2099
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/TagResourceRequest AWS API Documentation
|
@@ -2348,27 +2118,8 @@ module Aws::SecretsManager
|
|
2348
2118
|
# can specify either the Amazon Resource Name (ARN) or the friendly
|
2349
2119
|
# name of the secret.
|
2350
2120
|
#
|
2351
|
-
#
|
2352
|
-
#
|
2353
|
-
# don’t include the final hyphen and six random characters that
|
2354
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
2355
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
2356
|
-
# only one secret. However, if your secret has a name that ends in a
|
2357
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
2358
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
2359
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
2360
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
2361
|
-
# unexpected results. To avoid this situation, we recommend that you
|
2362
|
-
# don’t create secret names ending with a hyphen followed by six
|
2363
|
-
# characters.
|
2364
|
-
#
|
2365
|
-
# If you specify an incomplete ARN without the random suffix, and
|
2366
|
-
# instead provide the 'friendly name', you *must* not include the
|
2367
|
-
# random suffix. If you do include the random suffix added by Secrets
|
2368
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
2369
|
-
# *AccessDeniedException* error, depending on your permissions.
|
2370
|
-
#
|
2371
|
-
# </note>
|
2121
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
2122
|
+
# a partial ARN.
|
2372
2123
|
# @return [String]
|
2373
2124
|
#
|
2374
2125
|
# @!attribute [rw] tag_keys
|
@@ -2376,14 +2127,16 @@ module Aws::SecretsManager
|
|
2376
2127
|
# specify the value. Both the key and its associated value are
|
2377
2128
|
# removed.
|
2378
2129
|
#
|
2379
|
-
# This parameter to the API requires a JSON text string argument.
|
2380
|
-
#
|
2381
|
-
#
|
2382
|
-
#
|
2130
|
+
# This parameter to the API requires a JSON text string argument.
|
2131
|
+
#
|
2132
|
+
# For storing multiple values, we recommend that you use a JSON text
|
2133
|
+
# string argument and specify key/value pairs. For more information,
|
2134
|
+
# see [Specifying parameter values for the Amazon Web Services CLI][1]
|
2135
|
+
# in the Amazon Web Services CLI User Guide.
|
2383
2136
|
#
|
2384
2137
|
#
|
2385
2138
|
#
|
2386
|
-
# [1]: https://docs.aws.amazon.com/cli/latest/userguide/cli-
|
2139
|
+
# [1]: https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html
|
2387
2140
|
# @return [Array<String>]
|
2388
2141
|
#
|
2389
2142
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/UntagResourceRequest AWS API Documentation
|
@@ -2412,27 +2165,8 @@ module Aws::SecretsManager
|
|
2412
2165
|
# add a new version. You can specify either the Amazon Resource Name
|
2413
2166
|
# (ARN) or the friendly name of the secret.
|
2414
2167
|
#
|
2415
|
-
#
|
2416
|
-
#
|
2417
|
-
# don’t include the final hyphen and six random characters that
|
2418
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
2419
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
2420
|
-
# only one secret. However, if your secret has a name that ends in a
|
2421
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
2422
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
2423
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
2424
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
2425
|
-
# unexpected results. To avoid this situation, we recommend that you
|
2426
|
-
# don’t create secret names ending with a hyphen followed by six
|
2427
|
-
# characters.
|
2428
|
-
#
|
2429
|
-
# If you specify an incomplete ARN without the random suffix, and
|
2430
|
-
# instead provide the 'friendly name', you *must* not include the
|
2431
|
-
# random suffix. If you do include the random suffix added by Secrets
|
2432
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
2433
|
-
# *AccessDeniedException* error, depending on your permissions.
|
2434
|
-
#
|
2435
|
-
# </note>
|
2168
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
2169
|
+
# a partial ARN.
|
2436
2170
|
# @return [String]
|
2437
2171
|
#
|
2438
2172
|
# @!attribute [rw] client_request_token
|
@@ -2440,13 +2174,13 @@ module Aws::SecretsManager
|
|
2440
2174
|
# parameter specifies a unique identifier for the new version that
|
2441
2175
|
# helps ensure idempotency.
|
2442
2176
|
#
|
2443
|
-
# If you use the
|
2444
|
-
#
|
2445
|
-
#
|
2446
|
-
#
|
2447
|
-
#
|
2448
|
-
# `ClientRequestToken` yourself for new
|
2449
|
-
# value in the request.
|
2177
|
+
# If you use the Amazon Web Services CLI or one of the Amazon Web
|
2178
|
+
# Services SDK to call this operation, then you can leave this
|
2179
|
+
# parameter empty. The CLI or SDK generates a random UUID for you and
|
2180
|
+
# includes that in the request. If you don't use the SDK and instead
|
2181
|
+
# generate a raw HTTP request to the Secrets Manager service endpoint,
|
2182
|
+
# then you must generate a `ClientRequestToken` yourself for new
|
2183
|
+
# versions and include that value in the request.
|
2450
2184
|
#
|
2451
2185
|
# You typically only need to interact with this value if you implement
|
2452
2186
|
# your own retry logic and want to ensure that a given secret is not
|
@@ -2486,9 +2220,13 @@ module Aws::SecretsManager
|
|
2486
2220
|
# @return [String]
|
2487
2221
|
#
|
2488
2222
|
# @!attribute [rw] kms_key_id
|
2489
|
-
# (Optional) Specifies an updated ARN or alias of the
|
2490
|
-
# master key (CMK)
|
2491
|
-
# versions of this secret
|
2223
|
+
# (Optional) Specifies an updated ARN or alias of the Amazon Web
|
2224
|
+
# Services KMS customer master key (CMK) that Secrets Manager uses to
|
2225
|
+
# encrypt the protected text in new versions of this secret as well as
|
2226
|
+
# any existing versions of this secret that have the staging labels
|
2227
|
+
# AWSCURRENT, AWSPENDING, or AWSPREVIOUS. For more information about
|
2228
|
+
# staging labels, see [Staging Labels][1] in the *Amazon Web Services
|
2229
|
+
# Secrets Manager User Guide*.
|
2492
2230
|
#
|
2493
2231
|
# You can only use the account's default CMK to encrypt and decrypt
|
2494
2232
|
# if you call this operation using credentials from the same account
|
@@ -2496,6 +2234,10 @@ module Aws::SecretsManager
|
|
2496
2234
|
# you must create a custom CMK and provide the ARN of that CMK in this
|
2497
2235
|
# field. The user making the call must have permissions to both the
|
2498
2236
|
# secret and the CMK in their respective accounts.
|
2237
|
+
#
|
2238
|
+
#
|
2239
|
+
#
|
2240
|
+
# [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/terms-concepts.html#term_staging-label
|
2499
2241
|
# @return [String]
|
2500
2242
|
#
|
2501
2243
|
# @!attribute [rw] secret_binary
|
@@ -2523,25 +2265,13 @@ module Aws::SecretsManager
|
|
2523
2265
|
# Lambda rotation function knows how to parse.
|
2524
2266
|
#
|
2525
2267
|
# For storing multiple values, we recommend that you use a JSON text
|
2526
|
-
# string argument and specify key/value pairs. For information
|
2527
|
-
#
|
2528
|
-
#
|
2529
|
-
# User Guide*. For example:
|
2530
|
-
#
|
2531
|
-
# `[\{"username":"bob"\},\{"password":"abc123xyz456"\}]`
|
2268
|
+
# string argument and specify key/value pairs. For more information,
|
2269
|
+
# see [Specifying parameter values for the Amazon Web Services CLI][1]
|
2270
|
+
# in the Amazon Web Services CLI User Guide.
|
2532
2271
|
#
|
2533
|
-
# If your command-line tool or SDK requires quotation marks around the
|
2534
|
-
# parameter, you should use single quotes to avoid confusion with the
|
2535
|
-
# double quotes required in the JSON text. You can also 'escape' the
|
2536
|
-
# double quote character in the embedded JSON text by prefacing each
|
2537
|
-
# with a backslash. For example, the following string is surrounded by
|
2538
|
-
# double-quotes. All of the embedded double quotes are escaped:
|
2539
|
-
#
|
2540
|
-
# `"[\{"username":"bob"\},\{"password":"abc123xyz456"\}]"`
|
2541
2272
|
#
|
2542
2273
|
#
|
2543
|
-
#
|
2544
|
-
# [1]: https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json
|
2274
|
+
# [1]: https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html
|
2545
2275
|
# @return [String]
|
2546
2276
|
#
|
2547
2277
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/UpdateSecretRequest AWS API Documentation
|
@@ -2605,27 +2335,8 @@ module Aws::SecretsManager
|
|
2605
2335
|
# labels you want to modify. You can specify either the Amazon
|
2606
2336
|
# Resource Name (ARN) or the friendly name of the secret.
|
2607
2337
|
#
|
2608
|
-
#
|
2609
|
-
#
|
2610
|
-
# don’t include the final hyphen and six random characters that
|
2611
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
2612
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
2613
|
-
# only one secret. However, if your secret has a name that ends in a
|
2614
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
2615
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
2616
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
2617
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
2618
|
-
# unexpected results. To avoid this situation, we recommend that you
|
2619
|
-
# don’t create secret names ending with a hyphen followed by six
|
2620
|
-
# characters.
|
2621
|
-
#
|
2622
|
-
# If you specify an incomplete ARN without the random suffix, and
|
2623
|
-
# instead provide the 'friendly name', you *must* not include the
|
2624
|
-
# random suffix. If you do include the random suffix added by Secrets
|
2625
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
2626
|
-
# *AccessDeniedException* error, depending on your permissions.
|
2627
|
-
#
|
2628
|
-
# </note>
|
2338
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
2339
|
+
# a partial ARN.
|
2629
2340
|
# @return [String]
|
2630
2341
|
#
|
2631
2342
|
# @!attribute [rw] version_stage
|
@@ -2693,36 +2404,17 @@ module Aws::SecretsManager
|
|
2693
2404
|
# policy you want to validate. You can specify either the Amazon
|
2694
2405
|
# Resource Name (ARN) or the friendly name of the secret.
|
2695
2406
|
#
|
2696
|
-
#
|
2697
|
-
#
|
2698
|
-
# don’t include the final hyphen and six random characters that
|
2699
|
-
# Secrets Manager adds at the end of the ARN when you created the
|
2700
|
-
# secret. A partial ARN match can work as long as it uniquely matches
|
2701
|
-
# only one secret. However, if your secret has a name that ends in a
|
2702
|
-
# hyphen followed by six characters (before Secrets Manager adds the
|
2703
|
-
# hyphen and six characters to the ARN) and you try to use that as a
|
2704
|
-
# partial ARN, then those characters cause Secrets Manager to assume
|
2705
|
-
# that you’re specifying a complete ARN. This confusion can cause
|
2706
|
-
# unexpected results. To avoid this situation, we recommend that you
|
2707
|
-
# don’t create secret names ending with a hyphen followed by six
|
2708
|
-
# characters.
|
2709
|
-
#
|
2710
|
-
# If you specify an incomplete ARN without the random suffix, and
|
2711
|
-
# instead provide the 'friendly name', you *must* not include the
|
2712
|
-
# random suffix. If you do include the random suffix added by Secrets
|
2713
|
-
# Manager, you receive either a *ResourceNotFoundException* or an
|
2714
|
-
# *AccessDeniedException* error, depending on your permissions.
|
2715
|
-
#
|
2716
|
-
# </note>
|
2407
|
+
# For an ARN, we recommend that you specify a complete ARN rather than
|
2408
|
+
# a partial ARN.
|
2717
2409
|
# @return [String]
|
2718
2410
|
#
|
2719
2411
|
# @!attribute [rw] resource_policy
|
2720
2412
|
# A JSON-formatted string constructed according to the grammar and
|
2721
|
-
# syntax for an
|
2722
|
-
# identifies who can access or manage this secret and
|
2723
|
-
# For information on how to format a JSON parameter for
|
2724
|
-
# command line tool environments, see [Using JSON for
|
2725
|
-
# in the *
|
2413
|
+
# syntax for an Amazon Web Services resource-based policy. The policy
|
2414
|
+
# in the string identifies who can access or manage this secret and
|
2415
|
+
# its versions. For information on how to format a JSON parameter for
|
2416
|
+
# the various command line tool environments, see [Using JSON for
|
2417
|
+
# Parameters][1] in the *CLI User Guide*.publi
|
2726
2418
|
#
|
2727
2419
|
#
|
2728
2420
|
#
|