aws-sdk-secretsmanager 1.62.0 → 1.65.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-secretsmanager/client.rb +40 -25
- data/lib/aws-sdk-secretsmanager/types.rb +47 -14
- data/lib/aws-sdk-secretsmanager.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 55454322928dc33ba5dbd7fde31a3d863eccff4c56eb542668f51ae0b08f16f7
|
4
|
+
data.tar.gz: 8726157c51744c29b479d30782973a74a00fb486408b696c4e5bbb1a70ac7a93
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a3ce58ec66c49f185e64a1cdde6f9bec89c261df7eec2dc3a71d3bf5d9b1fdfee4852fa63be43635921f0a8702814c46868ba831d400bb124aa3cc4f19463e07
|
7
|
+
data.tar.gz: 16cbab9304366563b8e9222ea70d917b8649ec4be9fedb85159671d2f531b6c0dc38074ca40351bf7a9508283986fa50743ccdbc94cbd96dcf062387d667e6b0
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,21 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.65.0 (2022-08-17)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Documentation updates for Secrets Manager.
|
8
|
+
|
9
|
+
1.64.0 (2022-06-16)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - Documentation updates for Secrets Manager
|
13
|
+
|
14
|
+
1.63.0 (2022-06-16)
|
15
|
+
------------------
|
16
|
+
|
17
|
+
* Feature - Documentation updates for Secrets Manager
|
18
|
+
|
4
19
|
1.62.0 (2022-05-25)
|
5
20
|
------------------
|
6
21
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.65.0
|
@@ -553,7 +553,9 @@ module Aws::SecretsManager
|
|
553
553
|
#
|
554
554
|
# @option params [String] :kms_key_id
|
555
555
|
# The ARN, key ID, or alias of the KMS key that Secrets Manager uses to
|
556
|
-
# encrypt the secret value in the secret.
|
556
|
+
# encrypt the secret value in the secret. An alias is always prefixed by
|
557
|
+
# `alias/`, for example `alias/aws/secretsmanager`. For more
|
558
|
+
# information, see [About aliases][1].
|
557
559
|
#
|
558
560
|
# To use a KMS key in a different account, use the key ARN or the alias
|
559
561
|
# ARN.
|
@@ -568,6 +570,10 @@ module Aws::SecretsManager
|
|
568
570
|
# to encrypt the secret, and you must create and use a customer managed
|
569
571
|
# KMS key.
|
570
572
|
#
|
573
|
+
#
|
574
|
+
#
|
575
|
+
# [1]: https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html
|
576
|
+
#
|
571
577
|
# @option params [String, StringIO, File] :secret_binary
|
572
578
|
# The binary data to encrypt and store in the new version of the secret.
|
573
579
|
# We recommend that you store your binary data in a file and then pass
|
@@ -1218,18 +1224,23 @@ module Aws::SecretsManager
|
|
1218
1224
|
# caching. Caching secrets improves speed and reduces your costs. For
|
1219
1225
|
# more information, see [Cache secrets for your applications][1].
|
1220
1226
|
#
|
1227
|
+
# To retrieve the previous version of a secret, use `VersionStage` and
|
1228
|
+
# specify AWSPREVIOUS. To revert to the previous version of a secret,
|
1229
|
+
# call [UpdateSecretVersionStage][2].
|
1230
|
+
#
|
1221
1231
|
# <b>Required permissions: </b> `secretsmanager:GetSecretValue`. If the
|
1222
1232
|
# secret is encrypted using a customer-managed key instead of the Amazon
|
1223
1233
|
# Web Services managed key `aws/secretsmanager`, then you also need
|
1224
1234
|
# `kms:Decrypt` permissions for that key. For more information, see [
|
1225
|
-
# IAM policy actions for Secrets Manager][
|
1226
|
-
# access control in Secrets Manager][
|
1235
|
+
# IAM policy actions for Secrets Manager][3] and [Authentication and
|
1236
|
+
# access control in Secrets Manager][4].
|
1227
1237
|
#
|
1228
1238
|
#
|
1229
1239
|
#
|
1230
1240
|
# [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html
|
1231
|
-
# [2]: https://docs.aws.amazon.com/
|
1232
|
-
# [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/
|
1241
|
+
# [2]: https://docs.aws.amazon.com/cli/latest/reference/secretsmanager/update-secret-version-stage.html
|
1242
|
+
# [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
|
1243
|
+
# [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
|
1233
1244
|
#
|
1234
1245
|
# @option params [required, String] :secret_id
|
1235
1246
|
# The ARN or name of the secret to retrieve.
|
@@ -1448,6 +1459,10 @@ module Aws::SecretsManager
|
|
1448
1459
|
# Services account, not including secrets that are marked for deletion.
|
1449
1460
|
# To see secrets marked for deletion, use the Secrets Manager console.
|
1450
1461
|
#
|
1462
|
+
# ListSecrets is eventually consistent, however it might not reflect
|
1463
|
+
# changes from the last five minutes. To get the latest information for
|
1464
|
+
# a specific secret, use DescribeSecret.
|
1465
|
+
#
|
1451
1466
|
# To list the versions of a secret, use ListSecretVersionIds.
|
1452
1467
|
#
|
1453
1468
|
# To get the secret value from `SecretString` or `SecretBinary`, call
|
@@ -1685,9 +1700,9 @@ module Aws::SecretsManager
|
|
1685
1700
|
# the staging label `AWSPREVIOUS` to the version that `AWSCURRENT` was
|
1686
1701
|
# removed from.
|
1687
1702
|
#
|
1688
|
-
# This operation is idempotent. If
|
1689
|
-
#
|
1690
|
-
# you specify the same secret data, the operation succeeds but does
|
1703
|
+
# This operation is idempotent. If you call this operation with a
|
1704
|
+
# `ClientRequestToken` that matches an existing version's VersionId,
|
1705
|
+
# and you specify the same secret data, the operation succeeds but does
|
1691
1706
|
# nothing. However, if the secret data is different, then the operation
|
1692
1707
|
# fails because you can't modify an existing version; you can only
|
1693
1708
|
# create new ones.
|
@@ -2446,25 +2461,12 @@ module Aws::SecretsManager
|
|
2446
2461
|
# version, Secrets Manager automatically attaches the staging label
|
2447
2462
|
# `AWSCURRENT` to the new version.
|
2448
2463
|
#
|
2449
|
-
# If you call this operation with a `
|
2450
|
-
# version's `
|
2464
|
+
# If you call this operation with a `ClientRequestToken` that matches an
|
2465
|
+
# existing version's `VersionId`, the operation results in an error.
|
2451
2466
|
# You can't modify an existing version, you can only create a new
|
2452
2467
|
# version. To remove a version, remove all staging labels from it. See
|
2453
2468
|
# UpdateSecretVersionStage.
|
2454
2469
|
#
|
2455
|
-
# If you don't specify an KMS encryption key, Secrets Manager uses the
|
2456
|
-
# Amazon Web Services managed key `aws/secretsmanager`. If this key
|
2457
|
-
# doesn't already exist in your account, then Secrets Manager creates
|
2458
|
-
# it for you automatically. All users and roles in the Amazon Web
|
2459
|
-
# Services account automatically have access to use
|
2460
|
-
# `aws/secretsmanager`. Creating `aws/secretsmanager` can result in a
|
2461
|
-
# one-time significant delay in returning the result.
|
2462
|
-
#
|
2463
|
-
# If the secret is in a different Amazon Web Services account from the
|
2464
|
-
# credentials calling the API, then you can't use `aws/secretsmanager`
|
2465
|
-
# to encrypt the secret, and you must create and use a customer managed
|
2466
|
-
# key.
|
2467
|
-
#
|
2468
2470
|
# <b>Required permissions: </b> `secretsmanager:UpdateSecret`. For more
|
2469
2471
|
# information, see [ IAM policy actions for Secrets Manager][1] and
|
2470
2472
|
# [Authentication and access control in Secrets Manager][2]. If you use
|
@@ -2514,11 +2516,23 @@ module Aws::SecretsManager
|
|
2514
2516
|
#
|
2515
2517
|
# @option params [String] :kms_key_id
|
2516
2518
|
# The ARN, key ID, or alias of the KMS key that Secrets Manager uses to
|
2517
|
-
# encrypt new secret versions as well as any existing versions the
|
2519
|
+
# encrypt new secret versions as well as any existing versions with the
|
2518
2520
|
# staging labels `AWSCURRENT`, `AWSPENDING`, or `AWSPREVIOUS`. For more
|
2519
2521
|
# information about versions and staging labels, see [Concepts:
|
2520
2522
|
# Version][1].
|
2521
2523
|
#
|
2524
|
+
# A key alias is always prefixed by `alias/`, for example
|
2525
|
+
# `alias/aws/secretsmanager`. For more information, see [About
|
2526
|
+
# aliases][2].
|
2527
|
+
#
|
2528
|
+
# If you set this to an empty string, Secrets Manager uses the Amazon
|
2529
|
+
# Web Services managed key `aws/secretsmanager`. If this key doesn't
|
2530
|
+
# already exist in your account, then Secrets Manager creates it for you
|
2531
|
+
# automatically. All users and roles in the Amazon Web Services account
|
2532
|
+
# automatically have access to use `aws/secretsmanager`. Creating
|
2533
|
+
# `aws/secretsmanager` can result in a one-time significant delay in
|
2534
|
+
# returning the result.
|
2535
|
+
#
|
2522
2536
|
# You can only use the Amazon Web Services managed key
|
2523
2537
|
# `aws/secretsmanager` if you call this operation using credentials from
|
2524
2538
|
# the same Amazon Web Services account that owns the secret. If the
|
@@ -2530,6 +2544,7 @@ module Aws::SecretsManager
|
|
2530
2544
|
#
|
2531
2545
|
#
|
2532
2546
|
# [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version
|
2547
|
+
# [2]: https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html
|
2533
2548
|
#
|
2534
2549
|
# @option params [String, StringIO, File] :secret_binary
|
2535
2550
|
# The binary data to encrypt and store in the new version of the secret.
|
@@ -2875,7 +2890,7 @@ module Aws::SecretsManager
|
|
2875
2890
|
params: params,
|
2876
2891
|
config: config)
|
2877
2892
|
context[:gem_name] = 'aws-sdk-secretsmanager'
|
2878
|
-
context[:gem_version] = '1.
|
2893
|
+
context[:gem_version] = '1.65.0'
|
2879
2894
|
Seahorse::Client::Request.new(handlers, context)
|
2880
2895
|
end
|
2881
2896
|
|
@@ -152,7 +152,9 @@ module Aws::SecretsManager
|
|
152
152
|
#
|
153
153
|
# @!attribute [rw] kms_key_id
|
154
154
|
# The ARN, key ID, or alias of the KMS key that Secrets Manager uses
|
155
|
-
# to encrypt the secret value in the secret.
|
155
|
+
# to encrypt the secret value in the secret. An alias is always
|
156
|
+
# prefixed by `alias/`, for example `alias/aws/secretsmanager`. For
|
157
|
+
# more information, see [About aliases][1].
|
156
158
|
#
|
157
159
|
# To use a KMS key in a different account, use the key ARN or the
|
158
160
|
# alias ARN.
|
@@ -166,6 +168,10 @@ module Aws::SecretsManager
|
|
166
168
|
# credentials calling the API, then you can't use
|
167
169
|
# `aws/secretsmanager` to encrypt the secret, and you must create and
|
168
170
|
# use a customer managed KMS key.
|
171
|
+
#
|
172
|
+
#
|
173
|
+
#
|
174
|
+
# [1]: https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html
|
169
175
|
# @return [String]
|
170
176
|
#
|
171
177
|
# @!attribute [rw] secret_binary
|
@@ -489,9 +495,10 @@ module Aws::SecretsManager
|
|
489
495
|
# @return [String]
|
490
496
|
#
|
491
497
|
# @!attribute [rw] kms_key_id
|
492
|
-
# The ARN of the KMS key that Secrets Manager uses to
|
493
|
-
# secret value. If the secret is encrypted with the Amazon
|
494
|
-
# Services managed key `aws/secretsmanager`, this field is
|
498
|
+
# The key ID or alias ARN of the KMS key that Secrets Manager uses to
|
499
|
+
# encrypt the secret value. If the secret is encrypted with the Amazon
|
500
|
+
# Web Services managed key `aws/secretsmanager`, this field is
|
501
|
+
# omitted. Secrets created using the console use an KMS key ID.
|
495
502
|
# @return [String]
|
496
503
|
#
|
497
504
|
# @!attribute [rw] rotation_enabled
|
@@ -525,9 +532,8 @@ module Aws::SecretsManager
|
|
525
532
|
# @return [Time]
|
526
533
|
#
|
527
534
|
# @!attribute [rw] last_accessed_date
|
528
|
-
# The
|
529
|
-
#
|
530
|
-
# been retrieved.
|
535
|
+
# The date that the secret was last accessed in the Region. This field
|
536
|
+
# is omitted if the secret has never been retrieved in the Region.
|
531
537
|
# @return [Time]
|
532
538
|
#
|
533
539
|
# @!attribute [rw] deleted_date
|
@@ -578,7 +584,13 @@ module Aws::SecretsManager
|
|
578
584
|
# @return [Hash<String,Array<String>>]
|
579
585
|
#
|
580
586
|
# @!attribute [rw] owning_service
|
581
|
-
# The
|
587
|
+
# The ID of the service that created this secret. For more
|
588
|
+
# information, see [Secrets managed by other Amazon Web Services
|
589
|
+
# services][1].
|
590
|
+
#
|
591
|
+
#
|
592
|
+
#
|
593
|
+
# [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html
|
582
594
|
# @return [String]
|
583
595
|
#
|
584
596
|
# @!attribute [rw] created_date
|
@@ -1003,6 +1015,14 @@ module Aws::SecretsManager
|
|
1003
1015
|
# a Lambda function ARN configured and you didn't include such an ARN
|
1004
1016
|
# as a parameter in this call.
|
1005
1017
|
#
|
1018
|
+
# * The secret is managed by another service, and you must use that
|
1019
|
+
# service to update it. For more information, see [Secrets managed by
|
1020
|
+
# other Amazon Web Services services][1].
|
1021
|
+
#
|
1022
|
+
#
|
1023
|
+
#
|
1024
|
+
# [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html
|
1025
|
+
#
|
1006
1026
|
# @!attribute [rw] message
|
1007
1027
|
# @return [String]
|
1008
1028
|
#
|
@@ -1580,7 +1600,8 @@ module Aws::SecretsManager
|
|
1580
1600
|
# @return [String]
|
1581
1601
|
#
|
1582
1602
|
# @!attribute [rw] last_accessed_date
|
1583
|
-
# The date that
|
1603
|
+
# The date that the secret was last accessed in the Region. This field
|
1604
|
+
# is omitted if the secret has never been retrieved in the Region.
|
1584
1605
|
# @return [Time]
|
1585
1606
|
#
|
1586
1607
|
# @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ReplicationStatusType AWS API Documentation
|
@@ -1912,9 +1933,8 @@ module Aws::SecretsManager
|
|
1912
1933
|
# @return [Time]
|
1913
1934
|
#
|
1914
1935
|
# @!attribute [rw] last_accessed_date
|
1915
|
-
# The
|
1916
|
-
#
|
1917
|
-
# time.
|
1936
|
+
# The date that the secret was last accessed in the Region. This field
|
1937
|
+
# is omitted if the secret has never been retrieved in the Region.
|
1918
1938
|
# @return [Time]
|
1919
1939
|
#
|
1920
1940
|
# @!attribute [rw] deleted_date
|
@@ -2229,11 +2249,23 @@ module Aws::SecretsManager
|
|
2229
2249
|
#
|
2230
2250
|
# @!attribute [rw] kms_key_id
|
2231
2251
|
# The ARN, key ID, or alias of the KMS key that Secrets Manager uses
|
2232
|
-
# to encrypt new secret versions as well as any existing versions
|
2233
|
-
# staging labels `AWSCURRENT`, `AWSPENDING`, or `AWSPREVIOUS`. For
|
2252
|
+
# to encrypt new secret versions as well as any existing versions with
|
2253
|
+
# the staging labels `AWSCURRENT`, `AWSPENDING`, or `AWSPREVIOUS`. For
|
2234
2254
|
# more information about versions and staging labels, see [Concepts:
|
2235
2255
|
# Version][1].
|
2236
2256
|
#
|
2257
|
+
# A key alias is always prefixed by `alias/`, for example
|
2258
|
+
# `alias/aws/secretsmanager`. For more information, see [About
|
2259
|
+
# aliases][2].
|
2260
|
+
#
|
2261
|
+
# If you set this to an empty string, Secrets Manager uses the Amazon
|
2262
|
+
# Web Services managed key `aws/secretsmanager`. If this key doesn't
|
2263
|
+
# already exist in your account, then Secrets Manager creates it for
|
2264
|
+
# you automatically. All users and roles in the Amazon Web Services
|
2265
|
+
# account automatically have access to use `aws/secretsmanager`.
|
2266
|
+
# Creating `aws/secretsmanager` can result in a one-time significant
|
2267
|
+
# delay in returning the result.
|
2268
|
+
#
|
2237
2269
|
# You can only use the Amazon Web Services managed key
|
2238
2270
|
# `aws/secretsmanager` if you call this operation using credentials
|
2239
2271
|
# from the same Amazon Web Services account that owns the secret. If
|
@@ -2245,6 +2277,7 @@ module Aws::SecretsManager
|
|
2245
2277
|
#
|
2246
2278
|
#
|
2247
2279
|
# [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version
|
2280
|
+
# [2]: https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html
|
2248
2281
|
# @return [String]
|
2249
2282
|
#
|
2250
2283
|
# @!attribute [rw] secret_binary
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-secretsmanager
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.65.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-08-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|