RubyGems - aws-sdk-secretsmanager - Versions diffs - 1.60.0 → 1.63.0 - Mend

aws-sdk-secretsmanager 1.60.0 → 1.63.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +15 -0
data/VERSION +1 -1
data/lib/aws-sdk-secretsmanager/client.rb +93 -38
data/lib/aws-sdk-secretsmanager/types.rb +2 -3
data/lib/aws-sdk-secretsmanager.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8df4daf2d651916a1c2064939bcf1dc18cc30ef5ceef9fdda071f67f3d365632
-  data.tar.gz: 8913f355a291887628e8f3537e3f700dab0fd90c0cc5430c216d0310e7005421
+  metadata.gz: '044692586d1b8a9beb0da617e052a08ff463f0493a4645e756f7d84ee649d8f2'
+  data.tar.gz: f7c83670c68063d67e0f252cf0c8a7d219ec414d218b52f2a6478326f919cf16
 SHA512:
-  metadata.gz: 8068795275cfe892637f5e9635f01566a237fdca18b9388cd3372609d24fe011e011c8a2e59d4c75b0aac0c08078be335028539d6b363e09d0fd3a079fca116d
-  data.tar.gz: c68a142de2be5b6d86b0205d663a4fb289e94d8e6bef6f0d30a0744a7f0815339637662c4ed482ff29ee151ae6c6ef530f7bf9c998bbd2b51d1443e4286a6de3
+  metadata.gz: ed436c8c5bdc245594ef6be3ef4fcc5b0f7733ad54cd2612337e4354cc642e4db93a72fbc97dc8b844474bb5eff857e1e697dc0b613c3ee3bab600b5f6bcd5b7
+  data.tar.gz: f1e5b5decfe900008c8d45171bd45e1e19408b09b622639190a23645c7cde32d1bab8d125c4694f88d764b09f86665375e8c007e9478e6d5e23d48eda019143f

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,21 @@
 Unreleased Changes
 ------------------
+1.63.0 (2022-06-16)
+------------------
+* Feature - Documentation updates for Secrets Manager
+1.62.0 (2022-05-25)
+------------------
+* Feature - Documentation updates for Secrets Manager
+1.61.0 (2022-05-11)
+------------------
+* Feature - Doc only update for Secrets Manager that fixes several customer-reported issues.
 1.60.0 (2022-04-21)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.60.0
1	+ 1.63.0

data/lib/aws-sdk-secretsmanager/client.rb CHANGED Viewed

@@ -364,26 +364,27 @@ module Aws::SecretsManager
     # Turns off automatic rotation, and if a rotation is currently in
     # progress, cancels the rotation.
     #
-    # To turn on automatic rotation again, call RotateSecret.
-    #
-    # <note markdown="1"> If you cancel a rotation in progress, it can leave the `VersionStage`
-    # labels in an unexpected state. Depending on the step of the rotation
-    # in progress, you might need to remove the staging label `AWSPENDING`
-    # from the partially created version, specified by the `VersionId`
-    # response value. We recommend you also evaluate the partially rotated
-    # new version to see if it should be deleted. You can delete a version
-    # by removing all staging labels from it.
+    # If you cancel a rotation in progress, it can leave the `VersionStage`
+    # labels in an unexpected state. You might need to remove the staging
+    # label `AWSPENDING` from the partially created version. You also need
+    # to determine whether to roll back to the previous version of the
+    # secret by moving the staging label `AWSCURRENT` to the version that
+    # has `AWSPENDING`. To determine which version has a specific staging
+    # label, call ListSecretVersionIds. Then use UpdateSecretVersionStage to
+    # change staging labels. For more information, see [How rotation
+    # works][1].
     #
-    #  </note>
+    # To turn on automatic rotation again, call RotateSecret.
     #
     # <b>Required permissions: </b> `secretsmanager:CancelRotateSecret`. For
-    # more information, see [ IAM policy actions for Secrets Manager][1] and
-    # [Authentication and access control in Secrets Manager][2].
+    # more information, see [ IAM policy actions for Secrets Manager][2] and
+    # [Authentication and access control in Secrets Manager][3].
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
-    # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
+    # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html
+    # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
+    # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
     #
     # @option params [required, String] :secret_id
     #   The ARN or name of the secret.
@@ -790,8 +791,20 @@ module Aws::SecretsManager
     # the end of the recovery window. At the end of the recovery window,
     # Secrets Manager deletes the secret permanently.
     #
-    # For information about deleting a secret in the console, see
-    # [https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage\_delete-secret.html][1].
+    # You can't delete a primary secret that is replicated to other
+    # Regions. You must first delete the replicas using
+    # RemoveRegionsFromReplication, and then delete the primary secret. When
+    # you delete a replica, it is deleted immediately.
+    #
+    # You can't directly delete a version of a secret. Instead, you remove
+    # all staging labels from the version using UpdateSecretVersionStage.
+    # This marks the version as deprecated, and then Secrets Manager can
+    # automatically delete the version in the background.
+    #
+    # To determine whether an application still uses a secret, you can
+    # create an Amazon CloudWatch alarm to alert you to any attempts to
+    # access a secret during the recovery window. For more information, see
+    # [ Monitor secrets scheduled for deletion][1].
     #
     # Secrets Manager performs the permanent secret deletion at the end of
     # the waiting period as a background task with low priority. There is no
@@ -801,9 +814,9 @@ module Aws::SecretsManager
     # At any time before recovery window ends, you can use RestoreSecret to
     # remove the `DeletionDate` and cancel the deletion of the secret.
     #
-    # In a secret scheduled for deletion, you cannot access the encrypted
-    # secret value. To access that information, first cancel the deletion
-    # with RestoreSecret and then retrieve the information.
+    # When a secret is scheduled for deletion, you cannot retrieve the
+    # secret value. You must first cancel the deletion with RestoreSecret
+    # and then you can retrieve the secret.
     #
     # <b>Required permissions: </b> `secretsmanager:DeleteSecret`. For more
     # information, see [ IAM policy actions for Secrets Manager][2] and
@@ -811,7 +824,7 @@ module Aws::SecretsManager
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_delete-secret.html
+    # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/monitoring_cloudwatch_deleted-secrets.html
     # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
     # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
     #
@@ -1310,21 +1323,21 @@ module Aws::SecretsManager
       req.send_request(options)
     end
-    # Lists the versions for a secret.
+    # Lists the versions of a secret. Secrets Manager uses staging labels to
+    # indicate the different versions of a secret. For more information, see
+    # [ Secrets Manager concepts: Versions][1].
     #
     # To list the secrets in the account, use ListSecrets.
     #
-    # To get the secret value from `SecretString` or `SecretBinary`, call
-    # GetSecretValue.
-    #
     # <b>Required permissions: </b> `secretsmanager:ListSecretVersionIds`.
-    # For more information, see [ IAM policy actions for Secrets Manager][1]
-    # and [Authentication and access control in Secrets Manager][2].
+    # For more information, see [ IAM policy actions for Secrets Manager][2]
+    # and [Authentication and access control in Secrets Manager][3].
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
-    # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
+    # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version
+    # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
+    # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
     #
     # @option params [required, String] :secret_id
     #   The ARN or name of the secret whose versions you want to list.
@@ -1435,13 +1448,17 @@ module Aws::SecretsManager
     # Services account, not including secrets that are marked for deletion.
     # To see secrets marked for deletion, use the Secrets Manager console.
     #
+    # ListSecrets is eventually consistent, however it might not reflect
+    # changes from the last five minutes. To get the latest information for
+    # a specific secret, use DescribeSecret.
+    #
     # To list the versions of a secret, use ListSecretVersionIds.
     #
     # To get the secret value from `SecretString` or `SecretBinary`, call
     # GetSecretValue.
     #
-    # For information about finding secrets in the console, see [Enhanced
-    # search capabilities for secrets in Secrets Manager][1].
+    # For information about finding secrets in the console, see [Find
+    # secrets in Secrets Manager][1].
     #
     # <b>Required permissions: </b> `secretsmanager:ListSecrets`. For more
     # information, see [ IAM policy actions for Secrets Manager][2] and
@@ -1601,8 +1618,7 @@ module Aws::SecretsManager
     #
     # @option params [Boolean] :block_public_policy
     #   Specifies whether to block resource-based policies that allow broad
-    #   access to the secret. By default, Secrets Manager blocks policies that
-    #   allow broad access, for example those that use a wildcard for the
+    #   access to the secret, for example those that use a wildcard for the
     #   principal.
     #
     # @return [Types::PutResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
@@ -1673,9 +1689,9 @@ module Aws::SecretsManager
     # the staging label `AWSPREVIOUS` to the version that `AWSCURRENT` was
     # removed from.
     #
-    # This operation is idempotent. If a version with a `VersionId` with the
-    # same value as the `ClientRequestToken` parameter already exists, and
-    # you specify the same secret data, the operation succeeds but does
+    # This operation is idempotent. If you call this operation with a
+    # `ClientRequestToken` that matches an existing version's VersionId,
+    # and you specify the same secret data, the operation succeeds but does
     # nothing. However, if the secret data is different, then the operation
     # fails because you can't modify an existing version; you can only
     # create new ones.
@@ -2121,6 +2137,45 @@ module Aws::SecretsManager
     #   * {Types::RotateSecretResponse#name #name} => String
     #   * {Types::RotateSecretResponse#version_id #version_id} => String
     #
+    #
+    # @example Example: To configure rotation for a secret
+    #
+    #   # The following example configures rotation for a secret using a cron expression. The first rotation happens immediately
+    #   # after the changes are stored in the secret. The rotation schedule is the first and 15th day of every month. The rotation
+    #   # window begins at 4:00 PM UTC and ends at 6:00 PM.
+    #
+    #   resp = client.rotate_secret({
+    #     rotation_lambda_arn: "arn:aws:lambda:us-west-2:123456789012:function:MyTestDatabaseRotationLambda",
+    #     rotation_rules: {
+    #       duration: "2h",
+    #       schedule_expression: "cron(0 16 1,15 * ? *)",
+    #     },
+    #     secret_id: "MyTestDatabaseSecret",
+    #   })
+    #
+    #   resp.to_h outputs the following:
+    #   {
+    #     arn: "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-a1b2c3",
+    #     name: "MyTestDatabaseSecret",
+    #     version_id: "EXAMPLE2-90ab-cdef-fedc-ba987SECRET2",
+    #   }
+    #
+    # @example Example: To request an immediate rotation for a secret
+    #
+    #   # The following example requests an immediate invocation of the secret's Lambda rotation function. It assumes that the
+    #   # specified secret already has rotation configured. The rotation function runs asynchronously in the background.
+    #
+    #   resp = client.rotate_secret({
+    #     secret_id: "MyTestDatabaseSecret",
+    #   })
+    #
+    #   resp.to_h outputs the following:
+    #   {
+    #     arn: "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-a1b2c3",
+    #     name: "MyTestDatabaseSecret",
+    #     version_id: "EXAMPLE2-90ab-cdef-fedc-ba987SECRET2",
+    #   }
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.rotate_secret({
@@ -2395,8 +2450,8 @@ module Aws::SecretsManager
     # version, Secrets Manager automatically attaches the staging label
     # `AWSCURRENT` to the new version.
     #
-    # If you call this operation with a `VersionId` that matches an existing
-    # version's `ClientRequestToken`, the operation results in an error.
+    # If you call this operation with a `ClientRequestToken` that matches an
+    # existing version's `VersionId`, the operation results in an error.
     # You can't modify an existing version, you can only create a new
     # version. To remove a version, remove all staging labels from it. See
     # UpdateSecretVersionStage.
@@ -2824,7 +2879,7 @@ module Aws::SecretsManager
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-secretsmanager'
-      context[:gem_version] = '1.60.0'
+      context[:gem_version] = '1.63.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-secretsmanager/types.rb CHANGED Viewed

@@ -1253,9 +1253,8 @@ module Aws::SecretsManager
     #
     # @!attribute [rw] block_public_policy
     #   Specifies whether to block resource-based policies that allow broad
-    #   access to the secret. By default, Secrets Manager blocks policies
-    #   that allow broad access, for example those that use a wildcard for
-    #   the principal.
+    #   access to the secret, for example those that use a wildcard for the
+    #   principal.
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/PutResourcePolicyRequest AWS API Documentation

data/lib/aws-sdk-secretsmanager.rb CHANGED Viewed

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-secretsmanager/customizations'
 # @!group service
 module Aws::SecretsManager
-  GEM_VERSION = '1.60.0'
+  GEM_VERSION = '1.63.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-secretsmanager
 version: !ruby/object:Gem::Version
-  version: 1.60.0
+  version: 1.63.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-21 00:00:00.000000000 Z
+date: 2022-06-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core