aws-sdk-secretsmanager 1.60.0 → 1.61.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-secretsmanager/client.rb +83 -31
- data/lib/aws-sdk-secretsmanager.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 832ad9eeab3ae719d2d6c26151ec9aaab148192d6b42be17490c00193d3b928c
|
|
4
|
+
data.tar.gz: ed9c5788cb61c16cd77a7e64384d5e37a5af226b4be7f068e0846324a84459d0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f453772e841f802a633a803ae51207e58382dc4a02c874939bf6042fbd37c956c25d841774459bdc427bc6d017a811b4d9fd9617551e1271e57bb9ad27fb89f3
|
|
7
|
+
data.tar.gz: 43a2d852ca685d9fa80b454620d1b2a448605400891915b78d4214f06a501e35cf8e58be55c5d56d5b84e9d25245432bc25456036e3b07276452e1121996eb78
|
data/CHANGELOG.md
CHANGED
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.61.0
|
|
@@ -364,26 +364,27 @@ module Aws::SecretsManager
|
|
|
364
364
|
# Turns off automatic rotation, and if a rotation is currently in
|
|
365
365
|
# progress, cancels the rotation.
|
|
366
366
|
#
|
|
367
|
-
#
|
|
368
|
-
#
|
|
369
|
-
#
|
|
370
|
-
#
|
|
371
|
-
#
|
|
372
|
-
#
|
|
373
|
-
#
|
|
374
|
-
#
|
|
375
|
-
#
|
|
367
|
+
# If you cancel a rotation in progress, it can leave the `VersionStage`
|
|
368
|
+
# labels in an unexpected state. You might need to remove the staging
|
|
369
|
+
# label `AWSPENDING` from the partially created version. You also need
|
|
370
|
+
# to determine whether to roll back to the previous version of the
|
|
371
|
+
# secret by moving the staging label `AWSCURRENT` to the version that
|
|
372
|
+
# has `AWSPENDING`. To determine which version has a specific staging
|
|
373
|
+
# label, call ListSecretVersionIds. Then use UpdateSecretVersionStage to
|
|
374
|
+
# change staging labels. For more information, see [How rotation
|
|
375
|
+
# works][1].
|
|
376
376
|
#
|
|
377
|
-
#
|
|
377
|
+
# To turn on automatic rotation again, call RotateSecret.
|
|
378
378
|
#
|
|
379
379
|
# <b>Required permissions: </b> `secretsmanager:CancelRotateSecret`. For
|
|
380
|
-
# more information, see [ IAM policy actions for Secrets Manager][
|
|
381
|
-
# [Authentication and access control in Secrets Manager][
|
|
380
|
+
# more information, see [ IAM policy actions for Secrets Manager][2] and
|
|
381
|
+
# [Authentication and access control in Secrets Manager][3].
|
|
382
382
|
#
|
|
383
383
|
#
|
|
384
384
|
#
|
|
385
|
-
# [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/
|
|
386
|
-
# [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/
|
|
385
|
+
# [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html
|
|
386
|
+
# [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
|
|
387
|
+
# [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
|
|
387
388
|
#
|
|
388
389
|
# @option params [required, String] :secret_id
|
|
389
390
|
# The ARN or name of the secret.
|
|
@@ -790,8 +791,20 @@ module Aws::SecretsManager
|
|
|
790
791
|
# the end of the recovery window. At the end of the recovery window,
|
|
791
792
|
# Secrets Manager deletes the secret permanently.
|
|
792
793
|
#
|
|
793
|
-
#
|
|
794
|
-
#
|
|
794
|
+
# You can't delete a primary secret that is replicated to other
|
|
795
|
+
# Regions. You must first delete the replicas using
|
|
796
|
+
# RemoveRegionsFromReplication, and then delete the primary secret. When
|
|
797
|
+
# you delete a replica, it is deleted immediately.
|
|
798
|
+
#
|
|
799
|
+
# You can't directly delete a version of a secret. Instead, you remove
|
|
800
|
+
# all staging labels from the version using UpdateSecretVersionStage.
|
|
801
|
+
# This marks the version as deprecated, and then Secrets Manager can
|
|
802
|
+
# automatically delete the version in the background.
|
|
803
|
+
#
|
|
804
|
+
# To determine whether an application still uses a secret, you can
|
|
805
|
+
# create an Amazon CloudWatch alarm to alert you to any attempts to
|
|
806
|
+
# access a secret during the recovery window. For more information, see
|
|
807
|
+
# [ Monitor secrets scheduled for deletion][1].
|
|
795
808
|
#
|
|
796
809
|
# Secrets Manager performs the permanent secret deletion at the end of
|
|
797
810
|
# the waiting period as a background task with low priority. There is no
|
|
@@ -801,9 +814,9 @@ module Aws::SecretsManager
|
|
|
801
814
|
# At any time before recovery window ends, you can use RestoreSecret to
|
|
802
815
|
# remove the `DeletionDate` and cancel the deletion of the secret.
|
|
803
816
|
#
|
|
804
|
-
#
|
|
805
|
-
# secret value.
|
|
806
|
-
#
|
|
817
|
+
# When a secret is scheduled for deletion, you cannot retrieve the
|
|
818
|
+
# secret value. You must first cancel the deletion with RestoreSecret
|
|
819
|
+
# and then you can retrieve the secret.
|
|
807
820
|
#
|
|
808
821
|
# <b>Required permissions: </b> `secretsmanager:DeleteSecret`. For more
|
|
809
822
|
# information, see [ IAM policy actions for Secrets Manager][2] and
|
|
@@ -811,7 +824,7 @@ module Aws::SecretsManager
|
|
|
811
824
|
#
|
|
812
825
|
#
|
|
813
826
|
#
|
|
814
|
-
# [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/
|
|
827
|
+
# [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/monitoring_cloudwatch_deleted-secrets.html
|
|
815
828
|
# [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
|
|
816
829
|
# [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
|
|
817
830
|
#
|
|
@@ -1310,21 +1323,21 @@ module Aws::SecretsManager
|
|
|
1310
1323
|
req.send_request(options)
|
|
1311
1324
|
end
|
|
1312
1325
|
|
|
1313
|
-
# Lists the versions
|
|
1326
|
+
# Lists the versions of a secret. Secrets Manager uses staging labels to
|
|
1327
|
+
# indicate the different versions of a secret. For more information, see
|
|
1328
|
+
# [ Secrets Manager concepts: Versions][1].
|
|
1314
1329
|
#
|
|
1315
1330
|
# To list the secrets in the account, use ListSecrets.
|
|
1316
1331
|
#
|
|
1317
|
-
# To get the secret value from `SecretString` or `SecretBinary`, call
|
|
1318
|
-
# GetSecretValue.
|
|
1319
|
-
#
|
|
1320
1332
|
# <b>Required permissions: </b> `secretsmanager:ListSecretVersionIds`.
|
|
1321
|
-
# For more information, see [ IAM policy actions for Secrets Manager][
|
|
1322
|
-
# and [Authentication and access control in Secrets Manager][
|
|
1333
|
+
# For more information, see [ IAM policy actions for Secrets Manager][2]
|
|
1334
|
+
# and [Authentication and access control in Secrets Manager][3].
|
|
1323
1335
|
#
|
|
1324
1336
|
#
|
|
1325
1337
|
#
|
|
1326
|
-
# [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/
|
|
1327
|
-
# [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/
|
|
1338
|
+
# [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version
|
|
1339
|
+
# [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
|
|
1340
|
+
# [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
|
|
1328
1341
|
#
|
|
1329
1342
|
# @option params [required, String] :secret_id
|
|
1330
1343
|
# The ARN or name of the secret whose versions you want to list.
|
|
@@ -1440,8 +1453,8 @@ module Aws::SecretsManager
|
|
|
1440
1453
|
# To get the secret value from `SecretString` or `SecretBinary`, call
|
|
1441
1454
|
# GetSecretValue.
|
|
1442
1455
|
#
|
|
1443
|
-
# For information about finding secrets in the console, see [
|
|
1444
|
-
#
|
|
1456
|
+
# For information about finding secrets in the console, see [Find
|
|
1457
|
+
# secrets in Secrets Manager][1].
|
|
1445
1458
|
#
|
|
1446
1459
|
# <b>Required permissions: </b> `secretsmanager:ListSecrets`. For more
|
|
1447
1460
|
# information, see [ IAM policy actions for Secrets Manager][2] and
|
|
@@ -2121,6 +2134,45 @@ module Aws::SecretsManager
|
|
|
2121
2134
|
# * {Types::RotateSecretResponse#name #name} => String
|
|
2122
2135
|
# * {Types::RotateSecretResponse#version_id #version_id} => String
|
|
2123
2136
|
#
|
|
2137
|
+
#
|
|
2138
|
+
# @example Example: To configure rotation for a secret
|
|
2139
|
+
#
|
|
2140
|
+
# # The following example configures rotation for a secret using a cron expression. The first rotation happens immediately
|
|
2141
|
+
# # after the changes are stored in the secret. The rotation schedule is the first and 15th day of every month. The rotation
|
|
2142
|
+
# # window begins at 4:00 PM UTC and ends at 6:00 PM.
|
|
2143
|
+
#
|
|
2144
|
+
# resp = client.rotate_secret({
|
|
2145
|
+
# rotation_lambda_arn: "arn:aws:lambda:us-west-2:123456789012:function:MyTestDatabaseRotationLambda",
|
|
2146
|
+
# rotation_rules: {
|
|
2147
|
+
# duration: "2h",
|
|
2148
|
+
# schedule_expression: "cron(0 16 1,15 * ? *)",
|
|
2149
|
+
# },
|
|
2150
|
+
# secret_id: "MyTestDatabaseSecret",
|
|
2151
|
+
# })
|
|
2152
|
+
#
|
|
2153
|
+
# resp.to_h outputs the following:
|
|
2154
|
+
# {
|
|
2155
|
+
# arn: "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-a1b2c3",
|
|
2156
|
+
# name: "MyTestDatabaseSecret",
|
|
2157
|
+
# version_id: "EXAMPLE2-90ab-cdef-fedc-ba987SECRET2",
|
|
2158
|
+
# }
|
|
2159
|
+
#
|
|
2160
|
+
# @example Example: To request an immediate rotation for a secret
|
|
2161
|
+
#
|
|
2162
|
+
# # The following example requests an immediate invocation of the secret's Lambda rotation function. It assumes that the
|
|
2163
|
+
# # specified secret already has rotation configured. The rotation function runs asynchronously in the background.
|
|
2164
|
+
#
|
|
2165
|
+
# resp = client.rotate_secret({
|
|
2166
|
+
# secret_id: "MyTestDatabaseSecret",
|
|
2167
|
+
# })
|
|
2168
|
+
#
|
|
2169
|
+
# resp.to_h outputs the following:
|
|
2170
|
+
# {
|
|
2171
|
+
# arn: "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-a1b2c3",
|
|
2172
|
+
# name: "MyTestDatabaseSecret",
|
|
2173
|
+
# version_id: "EXAMPLE2-90ab-cdef-fedc-ba987SECRET2",
|
|
2174
|
+
# }
|
|
2175
|
+
#
|
|
2124
2176
|
# @example Request syntax with placeholder values
|
|
2125
2177
|
#
|
|
2126
2178
|
# resp = client.rotate_secret({
|
|
@@ -2824,7 +2876,7 @@ module Aws::SecretsManager
|
|
|
2824
2876
|
params: params,
|
|
2825
2877
|
config: config)
|
|
2826
2878
|
context[:gem_name] = 'aws-sdk-secretsmanager'
|
|
2827
|
-
context[:gem_version] = '1.
|
|
2879
|
+
context[:gem_version] = '1.61.0'
|
|
2828
2880
|
Seahorse::Client::Request.new(handlers, context)
|
|
2829
2881
|
end
|
|
2830
2882
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-secretsmanager
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.61.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-05-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|