aws-sdk-secretsmanager 1.7.0 → 1.8.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 622a4b933adcac112482ac40c67c19d5dc880240
4
- data.tar.gz: 5e68268c7f5ec33da5bec1b207ed86afcfb0d76f
3
+ metadata.gz: 55cd6a103d68865f9f6bff4f75ef5ab7cf71357f
4
+ data.tar.gz: 2a25eae02dfae1793ef6a623dacb35f5818e0156
5
5
  SHA512:
6
- metadata.gz: 317e66b5a68e22e8ee5449f53d82004cabad3adc07db0587e2d1e09885637c37d964ab272f535540ecb31e9b2024d3b96bbe9766e4097a92080c8dffb9e6c1e2
7
- data.tar.gz: ea4e38d3663470d49e321e6a6d122bfb6ea1bc914dda18e70b1871ee2d5bc78d7c5903ef97d5695bb34fb2a7ccf5bf1b127a502340558b257025dd1cb371a9ea
6
+ metadata.gz: 00b971baa9716771161875df1be81b691341b815f58eca7d389afbef71a8940f924777386008664dbaa0080cb3a1bc0d7924d1ac543fa87b38875d1ad9594a96
7
+ data.tar.gz: ea0024d353ae6bfe92dce7fc3b82fffecf4cf75ff788a303a092a4b77d9cf27cbce1bcdcccd87fc25805aac7021e569c3253cb1b684127beda9ec7303c9c7133
@@ -42,6 +42,6 @@ require_relative 'aws-sdk-secretsmanager/customizations'
42
42
  # @service
43
43
  module Aws::SecretsManager
44
44
 
45
- GEM_VERSION = '1.7.0'
45
+ GEM_VERSION = '1.8.0'
46
46
 
47
47
  end
@@ -115,6 +115,14 @@ module Aws::SecretsManager
115
115
  # Used when loading credentials from the shared credentials file
116
116
  # at HOME/.aws/credentials. When not specified, 'default' is used.
117
117
  #
118
+ # @option options [Float] :retry_base_delay (0.3)
119
+ # The base delay in seconds used by the default backoff function.
120
+ #
121
+ # @option options [Symbol] :retry_jitter (:none)
122
+ # A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number.
123
+ #
124
+ # @see https://www.awsarchitectureblog.com/2015/03/backoff.html
125
+ #
118
126
  # @option options [Integer] :retry_limit (3)
119
127
  # The maximum number of times to retry failed requests. Only
120
128
  # ~ 500 level server errors and certain ~ 400 level client errors
@@ -122,6 +130,9 @@ module Aws::SecretsManager
122
130
  # checksum errors, networking errors, timeout errors and auth
123
131
  # errors from expired credentials.
124
132
  #
133
+ # @option options [Integer] :retry_max_delay (0)
134
+ # The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function.
135
+ #
125
136
  # @option options [String] :secret_access_key
126
137
  #
127
138
  # @option options [String] :session_token
@@ -560,6 +571,55 @@ module Aws::SecretsManager
560
571
  req.send_request(options)
561
572
  end
562
573
 
574
+ # Deletes the resource-based policy currently attached to the secret.
575
+ #
576
+ # **Minimum permissions**
577
+ #
578
+ # To run this command, you must have the following permissions:
579
+ #
580
+ # * secretsmanager:DeleteResourcePolicy
581
+ #
582
+ # ^
583
+ #
584
+ # **Related operations**
585
+ #
586
+ # * To attach a resource policy to a secret, use PutResourcePolicy.
587
+ #
588
+ # * To retrieve the current resource-based policy that is attached to a
589
+ # secret, use GetResourcePolicy.
590
+ #
591
+ # * To list all of the currently available secrets, use ListSecrets.
592
+ #
593
+ # @option params [required, String] :secret_id
594
+ # Specifies the secret for which you want to delete the attached
595
+ # resource-based policy. You can specify either the Amazon Resource Name
596
+ # (ARN) or the friendly name of the secret.
597
+ #
598
+ # @return [Types::DeleteResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
599
+ #
600
+ # * {Types::DeleteResourcePolicyResponse#arn #arn} => String
601
+ # * {Types::DeleteResourcePolicyResponse#name #name} => String
602
+ #
603
+ # @example Request syntax with placeholder values
604
+ #
605
+ # resp = client.delete_resource_policy({
606
+ # secret_id: "SecretIdType", # required
607
+ # })
608
+ #
609
+ # @example Response structure
610
+ #
611
+ # resp.arn #=> String
612
+ # resp.name #=> String
613
+ #
614
+ # @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/DeleteResourcePolicy AWS API Documentation
615
+ #
616
+ # @overload delete_resource_policy(params = {})
617
+ # @param [Hash] params ({})
618
+ def delete_resource_policy(params = {}, options = {})
619
+ req = build_request(:delete_resource_policy, params)
620
+ req.send_request(options)
621
+ end
622
+
563
623
  # Deletes an entire secret and all of its versions. You can optionally
564
624
  # include a recovery window during which you can restore the secret. If
565
625
  # you don't specify a recovery window value, the operation defaults to
@@ -884,6 +944,60 @@ module Aws::SecretsManager
884
944
  req.send_request(options)
885
945
  end
886
946
 
947
+ # Retrieves the JSON text of the resource-based policy attached to the
948
+ # specified secret. The JSON request string input and response output
949
+ # are shown formatted with whitespace and line breaks for better
950
+ # readability. Submit your input as a single line JSON string.
951
+ #
952
+ # **Minimum permissions**
953
+ #
954
+ # To run this command, you must have the following permissions:
955
+ #
956
+ # * secretsmanager:GetResourcePolicy
957
+ #
958
+ # ^
959
+ #
960
+ # **Related operations**
961
+ #
962
+ # * To attach a resource policy to a secret, use PutResourcePolicy.
963
+ #
964
+ # * To delete the resource-based policy that is attached to a secret,
965
+ # use DeleteResourcePolicy.
966
+ #
967
+ # * To list all of the currently available secrets, use ListSecrets.
968
+ #
969
+ # @option params [required, String] :secret_id
970
+ # Specifies the secret for which you want to retrieve the attached
971
+ # resource-based policy. You can specify either the Amazon Resource Name
972
+ # (ARN) or the friendly name of the secret.
973
+ #
974
+ # @return [Types::GetResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
975
+ #
976
+ # * {Types::GetResourcePolicyResponse#arn #arn} => String
977
+ # * {Types::GetResourcePolicyResponse#name #name} => String
978
+ # * {Types::GetResourcePolicyResponse#resource_policy #resource_policy} => String
979
+ #
980
+ # @example Request syntax with placeholder values
981
+ #
982
+ # resp = client.get_resource_policy({
983
+ # secret_id: "SecretIdType", # required
984
+ # })
985
+ #
986
+ # @example Response structure
987
+ #
988
+ # resp.arn #=> String
989
+ # resp.name #=> String
990
+ # resp.resource_policy #=> String
991
+ #
992
+ # @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/GetResourcePolicy AWS API Documentation
993
+ #
994
+ # @overload get_resource_policy(params = {})
995
+ # @param [Hash] params ({})
996
+ def get_resource_policy(params = {}, options = {})
997
+ req = build_request(:get_resource_policy, params)
998
+ req.send_request(options)
999
+ end
1000
+
887
1001
  # Retrieves the contents of the encrypted fields `SecretString` or
888
1002
  # `SecretBinary` from the specified version of a secret, whichever
889
1003
  # contains content.
@@ -1256,6 +1370,83 @@ module Aws::SecretsManager
1256
1370
  req.send_request(options)
1257
1371
  end
1258
1372
 
1373
+ # Attaches the contents of the specified resource-based policy to a
1374
+ # secret. A resource-based policy is optional. Alternatively, you can
1375
+ # use IAM user-based policies that specify the secret's ARN in the
1376
+ # policy statement's `Resources` element. You can also use a
1377
+ # combination of both identity- an resource-based policies. The affected
1378
+ # users and roles receive the permissions permitted by all of the
1379
+ # relevant policies. For more information, see [Using Resource-Based
1380
+ # Policies for AWS Secrets Manager][1]. For the complete description of
1381
+ # the AWS policy syntax and grammar, see [IAM JSON Policy Reference][2]
1382
+ # in the *IAM User Guide*.
1383
+ #
1384
+ # **Minimum permissions**
1385
+ #
1386
+ # To run this command, you must have the following permissions:
1387
+ #
1388
+ # * secretsmanager:PutResourcePolicy
1389
+ #
1390
+ # ^
1391
+ #
1392
+ # **Related operations**
1393
+ #
1394
+ # * To retrieve the resource policy attached to a secret, use
1395
+ # GetResourcePolicy.
1396
+ #
1397
+ # * To delete the resource-based policy that is attached to a secret,
1398
+ # use DeleteResourcePolicy.
1399
+ #
1400
+ # * To list all of the currently available secrets, use ListSecrets.
1401
+ #
1402
+ #
1403
+ #
1404
+ # [1]: http://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html
1405
+ # [2]: http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html
1406
+ #
1407
+ # @option params [required, String] :secret_id
1408
+ # Specifies the secret to which you want to attach the resource-based
1409
+ # policy. You can specify either the Amazon Resource Name (ARN) or the
1410
+ # friendly name of the secret.
1411
+ #
1412
+ # @option params [required, String] :resource_policy
1413
+ # A JSON-formatted string constructed according to the grammar and
1414
+ # syntax for an AWS resource-based policy. The policy in the string
1415
+ # identifies who can access or manage this secret and its versions. For
1416
+ # information on how to format a JSON parameter for the various command
1417
+ # line tool environments, see [Using JSON for Parameters][1] in the *AWS
1418
+ # CLI User Guide*.
1419
+ #
1420
+ #
1421
+ #
1422
+ # [1]: http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json
1423
+ #
1424
+ # @return [Types::PutResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1425
+ #
1426
+ # * {Types::PutResourcePolicyResponse#arn #arn} => String
1427
+ # * {Types::PutResourcePolicyResponse#name #name} => String
1428
+ #
1429
+ # @example Request syntax with placeholder values
1430
+ #
1431
+ # resp = client.put_resource_policy({
1432
+ # secret_id: "SecretIdType", # required
1433
+ # resource_policy: "NonEmptyResourcePolicyType", # required
1434
+ # })
1435
+ #
1436
+ # @example Response structure
1437
+ #
1438
+ # resp.arn #=> String
1439
+ # resp.name #=> String
1440
+ #
1441
+ # @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/PutResourcePolicy AWS API Documentation
1442
+ #
1443
+ # @overload put_resource_policy(params = {})
1444
+ # @param [Hash] params ({})
1445
+ def put_resource_policy(params = {}, options = {})
1446
+ req = build_request(:put_resource_policy, params)
1447
+ req.send_request(options)
1448
+ end
1449
+
1259
1450
  # Stores a new encrypted secret value in the specified secret. To do
1260
1451
  # this, the operation creates a new version and attaches it to the
1261
1452
  # secret. The version can contain a new `SecretString` value or a new
@@ -2320,7 +2511,7 @@ module Aws::SecretsManager
2320
2511
  params: params,
2321
2512
  config: config)
2322
2513
  context[:gem_name] = 'aws-sdk-secretsmanager'
2323
- context[:gem_version] = '1.7.0'
2514
+ context[:gem_version] = '1.8.0'
2324
2515
  Seahorse::Client::Request.new(handlers, context)
2325
2516
  end
2326
2517
 
@@ -20,6 +20,8 @@ module Aws::SecretsManager
20
20
  CreateSecretResponse = Shapes::StructureShape.new(name: 'CreateSecretResponse')
21
21
  CreatedDateType = Shapes::TimestampShape.new(name: 'CreatedDateType')
22
22
  DecryptionFailure = Shapes::StructureShape.new(name: 'DecryptionFailure')
23
+ DeleteResourcePolicyRequest = Shapes::StructureShape.new(name: 'DeleteResourcePolicyRequest')
24
+ DeleteResourcePolicyResponse = Shapes::StructureShape.new(name: 'DeleteResourcePolicyResponse')
23
25
  DeleteSecretRequest = Shapes::StructureShape.new(name: 'DeleteSecretRequest')
24
26
  DeleteSecretResponse = Shapes::StructureShape.new(name: 'DeleteSecretResponse')
25
27
  DeletedDateType = Shapes::TimestampShape.new(name: 'DeletedDateType')
@@ -36,6 +38,8 @@ module Aws::SecretsManager
36
38
  ExcludeUppercaseType = Shapes::BooleanShape.new(name: 'ExcludeUppercaseType')
37
39
  GetRandomPasswordRequest = Shapes::StructureShape.new(name: 'GetRandomPasswordRequest')
38
40
  GetRandomPasswordResponse = Shapes::StructureShape.new(name: 'GetRandomPasswordResponse')
41
+ GetResourcePolicyRequest = Shapes::StructureShape.new(name: 'GetResourcePolicyRequest')
42
+ GetResourcePolicyResponse = Shapes::StructureShape.new(name: 'GetResourcePolicyResponse')
39
43
  GetSecretValueRequest = Shapes::StructureShape.new(name: 'GetSecretValueRequest')
40
44
  GetSecretValueResponse = Shapes::StructureShape.new(name: 'GetSecretValueResponse')
41
45
  IncludeSpaceType = Shapes::BooleanShape.new(name: 'IncludeSpaceType')
@@ -56,7 +60,11 @@ module Aws::SecretsManager
56
60
  MaxResultsType = Shapes::IntegerShape.new(name: 'MaxResultsType')
57
61
  NameType = Shapes::StringShape.new(name: 'NameType')
58
62
  NextTokenType = Shapes::StringShape.new(name: 'NextTokenType')
63
+ NonEmptyResourcePolicyType = Shapes::StringShape.new(name: 'NonEmptyResourcePolicyType')
59
64
  PasswordLengthType = Shapes::IntegerShape.new(name: 'PasswordLengthType')
65
+ PreconditionNotMetException = Shapes::StructureShape.new(name: 'PreconditionNotMetException')
66
+ PutResourcePolicyRequest = Shapes::StructureShape.new(name: 'PutResourcePolicyRequest')
67
+ PutResourcePolicyResponse = Shapes::StructureShape.new(name: 'PutResourcePolicyResponse')
60
68
  PutSecretValueRequest = Shapes::StructureShape.new(name: 'PutSecretValueRequest')
61
69
  PutSecretValueResponse = Shapes::StructureShape.new(name: 'PutSecretValueResponse')
62
70
  RandomPasswordType = Shapes::StringShape.new(name: 'RandomPasswordType')
@@ -118,6 +126,13 @@ module Aws::SecretsManager
118
126
  CreateSecretResponse.add_member(:version_id, Shapes::ShapeRef.new(shape: SecretVersionIdType, location_name: "VersionId"))
119
127
  CreateSecretResponse.struct_class = Types::CreateSecretResponse
120
128
 
129
+ DeleteResourcePolicyRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
130
+ DeleteResourcePolicyRequest.struct_class = Types::DeleteResourcePolicyRequest
131
+
132
+ DeleteResourcePolicyResponse.add_member(:arn, Shapes::ShapeRef.new(shape: SecretARNType, location_name: "ARN"))
133
+ DeleteResourcePolicyResponse.add_member(:name, Shapes::ShapeRef.new(shape: NameType, location_name: "Name"))
134
+ DeleteResourcePolicyResponse.struct_class = Types::DeleteResourcePolicyResponse
135
+
121
136
  DeleteSecretRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
122
137
  DeleteSecretRequest.add_member(:recovery_window_in_days, Shapes::ShapeRef.new(shape: RecoveryWindowInDaysType, location_name: "RecoveryWindowInDays", metadata: {"box"=>true}))
123
138
  DeleteSecretRequest.struct_class = Types::DeleteSecretRequest
@@ -158,6 +173,14 @@ module Aws::SecretsManager
158
173
  GetRandomPasswordResponse.add_member(:random_password, Shapes::ShapeRef.new(shape: RandomPasswordType, location_name: "RandomPassword"))
159
174
  GetRandomPasswordResponse.struct_class = Types::GetRandomPasswordResponse
160
175
 
176
+ GetResourcePolicyRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
177
+ GetResourcePolicyRequest.struct_class = Types::GetResourcePolicyRequest
178
+
179
+ GetResourcePolicyResponse.add_member(:arn, Shapes::ShapeRef.new(shape: SecretARNType, location_name: "ARN"))
180
+ GetResourcePolicyResponse.add_member(:name, Shapes::ShapeRef.new(shape: NameType, location_name: "Name"))
181
+ GetResourcePolicyResponse.add_member(:resource_policy, Shapes::ShapeRef.new(shape: NonEmptyResourcePolicyType, location_name: "ResourcePolicy"))
182
+ GetResourcePolicyResponse.struct_class = Types::GetResourcePolicyResponse
183
+
161
184
  GetSecretValueRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
162
185
  GetSecretValueRequest.add_member(:version_id, Shapes::ShapeRef.new(shape: SecretVersionIdType, location_name: "VersionId"))
163
186
  GetSecretValueRequest.add_member(:version_stage, Shapes::ShapeRef.new(shape: SecretVersionStageType, location_name: "VersionStage"))
@@ -192,6 +215,14 @@ module Aws::SecretsManager
192
215
  ListSecretsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextTokenType, location_name: "NextToken"))
193
216
  ListSecretsResponse.struct_class = Types::ListSecretsResponse
194
217
 
218
+ PutResourcePolicyRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
219
+ PutResourcePolicyRequest.add_member(:resource_policy, Shapes::ShapeRef.new(shape: NonEmptyResourcePolicyType, required: true, location_name: "ResourcePolicy"))
220
+ PutResourcePolicyRequest.struct_class = Types::PutResourcePolicyRequest
221
+
222
+ PutResourcePolicyResponse.add_member(:arn, Shapes::ShapeRef.new(shape: SecretARNType, location_name: "ARN"))
223
+ PutResourcePolicyResponse.add_member(:name, Shapes::ShapeRef.new(shape: NameType, location_name: "Name"))
224
+ PutResourcePolicyResponse.struct_class = Types::PutResourcePolicyResponse
225
+
195
226
  PutSecretValueRequest.add_member(:secret_id, Shapes::ShapeRef.new(shape: SecretIdType, required: true, location_name: "SecretId"))
196
227
  PutSecretValueRequest.add_member(:client_request_token, Shapes::ShapeRef.new(shape: ClientRequestTokenType, location_name: "ClientRequestToken", metadata: {"idempotencyToken"=>true}))
197
228
  PutSecretValueRequest.add_member(:secret_binary, Shapes::ShapeRef.new(shape: SecretBinaryType, location_name: "SecretBinary"))
@@ -337,6 +368,18 @@ module Aws::SecretsManager
337
368
  o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
338
369
  o.errors << Shapes::ShapeRef.new(shape: MalformedPolicyDocumentException)
339
370
  o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
371
+ o.errors << Shapes::ShapeRef.new(shape: PreconditionNotMetException)
372
+ end)
373
+
374
+ api.add_operation(:delete_resource_policy, Seahorse::Model::Operation.new.tap do |o|
375
+ o.name = "DeleteResourcePolicy"
376
+ o.http_method = "POST"
377
+ o.http_request_uri = "/"
378
+ o.input = Shapes::ShapeRef.new(shape: DeleteResourcePolicyRequest)
379
+ o.output = Shapes::ShapeRef.new(shape: DeleteResourcePolicyResponse)
380
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
381
+ o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
382
+ o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
340
383
  end)
341
384
 
342
385
  api.add_operation(:delete_secret, Seahorse::Model::Operation.new.tap do |o|
@@ -372,6 +415,17 @@ module Aws::SecretsManager
372
415
  o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
373
416
  end)
374
417
 
418
+ api.add_operation(:get_resource_policy, Seahorse::Model::Operation.new.tap do |o|
419
+ o.name = "GetResourcePolicy"
420
+ o.http_method = "POST"
421
+ o.http_request_uri = "/"
422
+ o.input = Shapes::ShapeRef.new(shape: GetResourcePolicyRequest)
423
+ o.output = Shapes::ShapeRef.new(shape: GetResourcePolicyResponse)
424
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
425
+ o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
426
+ o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
427
+ end)
428
+
375
429
  api.add_operation(:get_secret_value, Seahorse::Model::Operation.new.tap do |o|
376
430
  o.name = "GetSecretValue"
377
431
  o.http_method = "POST"
@@ -419,6 +473,19 @@ module Aws::SecretsManager
419
473
  )
420
474
  end)
421
475
 
476
+ api.add_operation(:put_resource_policy, Seahorse::Model::Operation.new.tap do |o|
477
+ o.name = "PutResourcePolicy"
478
+ o.http_method = "POST"
479
+ o.http_request_uri = "/"
480
+ o.input = Shapes::ShapeRef.new(shape: PutResourcePolicyRequest)
481
+ o.output = Shapes::ShapeRef.new(shape: PutResourcePolicyResponse)
482
+ o.errors << Shapes::ShapeRef.new(shape: MalformedPolicyDocumentException)
483
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
484
+ o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
485
+ o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
486
+ o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
487
+ end)
488
+
422
489
  api.add_operation(:put_secret_value, Seahorse::Model::Operation.new.tap do |o|
423
490
  o.name = "PutSecretValue"
424
491
  o.http_method = "POST"
@@ -465,6 +532,7 @@ module Aws::SecretsManager
465
532
  o.input = Shapes::ShapeRef.new(shape: TagResourceRequest)
466
533
  o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
467
534
  o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
535
+ o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
468
536
  o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
469
537
  o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
470
538
  end)
@@ -476,6 +544,7 @@ module Aws::SecretsManager
476
544
  o.input = Shapes::ShapeRef.new(shape: UntagResourceRequest)
477
545
  o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
478
546
  o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
547
+ o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
479
548
  o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
480
549
  o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
481
550
  end)
@@ -494,6 +563,7 @@ module Aws::SecretsManager
494
563
  o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
495
564
  o.errors << Shapes::ShapeRef.new(shape: MalformedPolicyDocumentException)
496
565
  o.errors << Shapes::ShapeRef.new(shape: InternalServiceError)
566
+ o.errors << Shapes::ShapeRef.new(shape: PreconditionNotMetException)
497
567
  end)
498
568
 
499
569
  api.add_operation(:update_secret_version_stage, Seahorse::Model::Operation.new.tap do |o|
@@ -291,6 +291,44 @@ module Aws::SecretsManager
291
291
  include Aws::Structure
292
292
  end
293
293
 
294
+ # @note When making an API call, you may pass DeleteResourcePolicyRequest
295
+ # data as a hash:
296
+ #
297
+ # {
298
+ # secret_id: "SecretIdType", # required
299
+ # }
300
+ #
301
+ # @!attribute [rw] secret_id
302
+ # Specifies the secret for which you want to delete the attached
303
+ # resource-based policy. You can specify either the Amazon Resource
304
+ # Name (ARN) or the friendly name of the secret.
305
+ # @return [String]
306
+ #
307
+ # @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/DeleteResourcePolicyRequest AWS API Documentation
308
+ #
309
+ class DeleteResourcePolicyRequest < Struct.new(
310
+ :secret_id)
311
+ include Aws::Structure
312
+ end
313
+
314
+ # @!attribute [rw] arn
315
+ # The ARN of the secret for which the resource-based policy was
316
+ # deleted.
317
+ # @return [String]
318
+ #
319
+ # @!attribute [rw] name
320
+ # The friendly name of the secret for which the resource-based policy
321
+ # was deleted.
322
+ # @return [String]
323
+ #
324
+ # @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/DeleteResourcePolicyResponse AWS API Documentation
325
+ #
326
+ class DeleteResourcePolicyResponse < Struct.new(
327
+ :arn,
328
+ :name)
329
+ include Aws::Structure
330
+ end
331
+
294
332
  # @note When making an API call, you may pass DeleteSecretRequest
295
333
  # data as a hash:
296
334
  #
@@ -552,6 +590,59 @@ module Aws::SecretsManager
552
590
  include Aws::Structure
553
591
  end
554
592
 
593
+ # @note When making an API call, you may pass GetResourcePolicyRequest
594
+ # data as a hash:
595
+ #
596
+ # {
597
+ # secret_id: "SecretIdType", # required
598
+ # }
599
+ #
600
+ # @!attribute [rw] secret_id
601
+ # Specifies the secret for which you want to retrieve the attached
602
+ # resource-based policy. You can specify either the Amazon Resource
603
+ # Name (ARN) or the friendly name of the secret.
604
+ # @return [String]
605
+ #
606
+ # @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/GetResourcePolicyRequest AWS API Documentation
607
+ #
608
+ class GetResourcePolicyRequest < Struct.new(
609
+ :secret_id)
610
+ include Aws::Structure
611
+ end
612
+
613
+ # @!attribute [rw] arn
614
+ # The ARN of the secret for which the resource-based policy was
615
+ # retrieved.
616
+ # @return [String]
617
+ #
618
+ # @!attribute [rw] name
619
+ # The friendly name of the secret for which the resource-based policy
620
+ # was retrieved.
621
+ # @return [String]
622
+ #
623
+ # @!attribute [rw] resource_policy
624
+ # A JSON-formatted string that describes the permissions associated
625
+ # with the attached secret. These permissions are combined with any
626
+ # permissions associated with the user or role who attempts to access
627
+ # this secret. The combined permissions specify who can access the
628
+ # secret and what actions they can perform. For more information, see
629
+ # [Authentication and Access Control for AWS Secrets Manager][1] in
630
+ # the *AWS Secrets Manager User Guide*.
631
+ #
632
+ #
633
+ #
634
+ # [1]: http://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
635
+ # @return [String]
636
+ #
637
+ # @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/GetResourcePolicyResponse AWS API Documentation
638
+ #
639
+ class GetResourcePolicyResponse < Struct.new(
640
+ :arn,
641
+ :name,
642
+ :resource_policy)
643
+ include Aws::Structure
644
+ end
645
+
555
646
  # @note When making an API call, you may pass GetSecretValueRequest
556
647
  # data as a hash:
557
648
  #
@@ -829,6 +920,59 @@ module Aws::SecretsManager
829
920
  include Aws::Structure
830
921
  end
831
922
 
923
+ # @note When making an API call, you may pass PutResourcePolicyRequest
924
+ # data as a hash:
925
+ #
926
+ # {
927
+ # secret_id: "SecretIdType", # required
928
+ # resource_policy: "NonEmptyResourcePolicyType", # required
929
+ # }
930
+ #
931
+ # @!attribute [rw] secret_id
932
+ # Specifies the secret to which you want to attach the resource-based
933
+ # policy. You can specify either the Amazon Resource Name (ARN) or the
934
+ # friendly name of the secret.
935
+ # @return [String]
936
+ #
937
+ # @!attribute [rw] resource_policy
938
+ # A JSON-formatted string constructed according to the grammar and
939
+ # syntax for an AWS resource-based policy. The policy in the string
940
+ # identifies who can access or manage this secret and its versions.
941
+ # For information on how to format a JSON parameter for the various
942
+ # command line tool environments, see [Using JSON for Parameters][1]
943
+ # in the *AWS CLI User Guide*.
944
+ #
945
+ #
946
+ #
947
+ # [1]: http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json
948
+ # @return [String]
949
+ #
950
+ # @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/PutResourcePolicyRequest AWS API Documentation
951
+ #
952
+ class PutResourcePolicyRequest < Struct.new(
953
+ :secret_id,
954
+ :resource_policy)
955
+ include Aws::Structure
956
+ end
957
+
958
+ # @!attribute [rw] arn
959
+ # The ARN of the secret for which the resource-based policy was
960
+ # retrieved.
961
+ # @return [String]
962
+ #
963
+ # @!attribute [rw] name
964
+ # The friendly name of the secret for which the resource-based policy
965
+ # was retrieved.
966
+ # @return [String]
967
+ #
968
+ # @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/PutResourcePolicyResponse AWS API Documentation
969
+ #
970
+ class PutResourcePolicyResponse < Struct.new(
971
+ :arn,
972
+ :name)
973
+ include Aws::Structure
974
+ end
975
+
832
976
  # @note When making an API call, you may pass PutSecretValueRequest
833
977
  # data as a hash:
834
978
  #
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-secretsmanager
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.7.0
4
+ version: 1.8.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-06-05 00:00:00.000000000 Z
11
+ date: 2018-06-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core