aws-sdk-secretsmanager 1.70.0 → 1.72.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a891ecc91bb9b24a02af41ad8598be6db0b090c889b06ca923418913ebd49052
4
- data.tar.gz: 3d0155ca46e14988295b03922377d1d513c3fa22b5c473d7065a9beee53c11cc
3
+ metadata.gz: da6260a86f7107f63b0573d2b4680ea83189e79f4c023056cd7388ad7885cacb
4
+ data.tar.gz: 3c37e40dfd47e37916338b482fcea9f094e8e9c2c3d425d3b1a6d0851e7ce1ea
5
5
  SHA512:
6
- metadata.gz: cee58913dd159e16235427b18fa73399c6e892bad541fee74a79068f2bb639aed062d72adc992027b9bc05b133a90aad0b67356bcc7d581cd539206f5b9ca57e
7
- data.tar.gz: 05de315397bd20563b8cd8cb4105d0c1cd5b3faead360f15effda07aaa2e390c6820016dfbbe57967833959f5b094daf2785e40f9d10960b862f3388951bb882
6
+ metadata.gz: 925c5772906fcef6c8f0c068a1aec9defbf659a1289c3d2f1a4ed4af1f372f172ad95f4d70fdb2979628be1070f6d014bf231d4baec230529028b00b7e142de6
7
+ data.tar.gz: a38e06173e1c27f2f010141cf1d690e01862f08a9b1b27c341f005c64d4e516a13e78b75498c7adcaa4d9a4b8f26035ea44ebaab2f6cd7dba71a8ae8bcedaa45
data/CHANGELOG.md CHANGED
@@ -1,6 +1,18 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.72.0 (2023-01-18)
5
+ ------------------
6
+
7
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
8
+
9
+ * Issue - Replace runtime endpoint resolution approach with generated ruby code.
10
+
11
+ 1.71.0 (2023-01-12)
12
+ ------------------
13
+
14
+ * Feature - Update documentation for new ListSecrets and DescribeSecret parameters
15
+
4
16
  1.70.0 (2022-12-29)
5
17
  ------------------
6
18
 
@@ -360,4 +372,4 @@ Unreleased Changes
360
372
  1.0.0 (2018-04-04)
361
373
  ------------------
362
374
 
363
- * Feature - Initial release of `aws-sdk-secretsmanager`.
375
+ * Feature - Initial release of `aws-sdk-secretsmanager`.
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.70.0
1
+ 1.72.0
@@ -471,8 +471,12 @@ module Aws::SecretsManager
471
471
  # secret in Secrets Manager consists of both the protected secret data
472
472
  # and the important information needed to manage the secret.
473
473
  #
474
+ # For secrets that use *managed rotation*, you need to create the secret
475
+ # through the managing service. For more information, see [Secrets
476
+ # Manager secrets managed by other Amazon Web Services services][1].
477
+ #
474
478
  # For information about creating a secret in the console, see [Create a
475
- # secret][1].
479
+ # secret][2].
476
480
  #
477
481
  # To create a secret, you can provide the secret value to be encrypted
478
482
  # in either the `SecretString` parameter or the `SecretBinary`
@@ -483,7 +487,7 @@ module Aws::SecretsManager
483
487
  # For database credentials you want to rotate, for Secrets Manager to be
484
488
  # able to rotate the secret, you must make sure the JSON you store in
485
489
  # the `SecretString` matches the [JSON structure of a database
486
- # secret][2].
490
+ # secret][3].
487
491
  #
488
492
  # If you don't specify an KMS encryption key, Secrets Manager uses the
489
493
  # Amazon Web Services managed key `aws/secretsmanager`. If this key
@@ -502,13 +506,13 @@ module Aws::SecretsManager
502
506
  # action. Do not include sensitive information in request parameters
503
507
  # except `SecretBinary` or `SecretString` because it might be logged.
504
508
  # For more information, see [Logging Secrets Manager events with
505
- # CloudTrail][3].
509
+ # CloudTrail][4].
506
510
  #
507
511
  # <b>Required permissions: </b> `secretsmanager:CreateSecret`. If you
508
512
  # include tags in the secret, you also need
509
513
  # `secretsmanager:TagResource`. For more information, see [ IAM policy
510
- # actions for Secrets Manager][4] and [Authentication and access control
511
- # in Secrets Manager][5].
514
+ # actions for Secrets Manager][5] and [Authentication and access control
515
+ # in Secrets Manager][6].
512
516
  #
513
517
  # To encrypt the secret with a KMS key other than `aws/secretsmanager`,
514
518
  # you need `kms:GenerateDataKey` and `kms:Decrypt` permission to the
@@ -516,11 +520,12 @@ module Aws::SecretsManager
516
520
  #
517
521
  #
518
522
  #
519
- # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html
520
- # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html
521
- # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html
522
- # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
523
- # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
523
+ # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html
524
+ # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html
525
+ # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html
526
+ # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html
527
+ # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
528
+ # [6]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
524
529
  #
525
530
  # @option params [required, String] :name
526
531
  # The name of the new secret.
@@ -1027,6 +1032,7 @@ module Aws::SecretsManager
1027
1032
  # last_changed_date: Time.parse(1523477145.729),
1028
1033
  # last_rotated_date: Time.parse(1525747253.72),
1029
1034
  # name: "MyTestDatabaseSecret",
1035
+ # next_rotation_date: Time.parse("1665165599"),
1030
1036
  # rotation_enabled: true,
1031
1037
  # rotation_lambda_arn: "arn:aws:lambda:us-west-2:123456789012:function:MyTestRotationLambda",
1032
1038
  # rotation_rules: {
@@ -1562,6 +1568,7 @@ module Aws::SecretsManager
1562
1568
  # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
1563
1569
  #
1564
1570
  # @option params [Boolean] :include_planned_deletion
1571
+ # Specifies whether to include secrets scheduled for deletion.
1565
1572
  #
1566
1573
  # @option params [Integer] :max_results
1567
1574
  # The number of results to include in the response.
@@ -2145,66 +2152,42 @@ module Aws::SecretsManager
2145
2152
  end
2146
2153
 
2147
2154
  # Configures and starts the asynchronous process of rotating the secret.
2148
- # For more information about rotation, see [Rotate secrets][1].
2149
- #
2150
- # If you include the configuration parameters, the operation sets the
2151
- # values for the secret and then immediately starts a rotation. If you
2152
- # don't include the configuration parameters, the operation starts a
2153
- # rotation with the values already stored in the secret.
2154
- #
2155
- # For database credentials you want to rotate, for Secrets Manager to be
2156
- # able to rotate the secret, you must make sure the secret value is in
2157
- # the [ JSON structure of a database secret][2]. In particular, if you
2158
- # want to use the [ alternating users strategy][3], your secret must
2159
- # contain the ARN of a superuser secret.
2160
- #
2161
- # To configure rotation, you also need the ARN of an Amazon Web Services
2162
- # Lambda function and the schedule for the rotation. The Lambda rotation
2163
- # function creates a new version of the secret and creates or updates
2164
- # the credentials on the database or service to match. After testing the
2165
- # new credentials, the function marks the new secret version with the
2166
- # staging label `AWSCURRENT`. Then anyone who retrieves the secret gets
2167
- # the new version. For more information, see [How rotation works][4].
2168
- #
2169
- # You can create the Lambda rotation function based on the [rotation
2170
- # function templates][5] that Secrets Manager provides. Choose a
2171
- # template that matches your [Rotation strategy][6].
2155
+ # For information about rotation, see [Rotate secrets][1] in the
2156
+ # *Secrets Manager User Guide*. If you include the configuration
2157
+ # parameters, the operation sets the values for the secret and then
2158
+ # immediately starts a rotation. If you don't include the configuration
2159
+ # parameters, the operation starts a rotation with the values already
2160
+ # stored in the secret.
2172
2161
  #
2173
2162
  # When rotation is successful, the `AWSPENDING` staging label might be
2174
2163
  # attached to the same version as the `AWSCURRENT` version, or it might
2175
2164
  # not be attached to any version. If the `AWSPENDING` staging label is
2176
2165
  # present but not attached to the same version as `AWSCURRENT`, then any
2177
2166
  # later invocation of `RotateSecret` assumes that a previous rotation
2178
- # request is still in progress and returns an error.
2179
- #
2180
- # When rotation is unsuccessful, the `AWSPENDING` staging label might be
2181
- # attached to an empty secret version. For more information, see
2182
- # [Troubleshoot rotation][7] in the *Secrets Manager User Guide*.
2167
+ # request is still in progress and returns an error. When rotation is
2168
+ # unsuccessful, the `AWSPENDING` staging label might be attached to an
2169
+ # empty secret version. For more information, see [Troubleshoot
2170
+ # rotation][2] in the *Secrets Manager User Guide*.
2183
2171
  #
2184
2172
  # Secrets Manager generates a CloudTrail log entry when you call this
2185
2173
  # action. Do not include sensitive information in request parameters
2186
2174
  # because it might be logged. For more information, see [Logging Secrets
2187
- # Manager events with CloudTrail][8].
2175
+ # Manager events with CloudTrail][3].
2188
2176
  #
2189
2177
  # <b>Required permissions: </b> `secretsmanager:RotateSecret`. For more
2190
- # information, see [ IAM policy actions for Secrets Manager][9] and
2191
- # [Authentication and access control in Secrets Manager][10]. You also
2178
+ # information, see [ IAM policy actions for Secrets Manager][4] and
2179
+ # [Authentication and access control in Secrets Manager][5]. You also
2192
2180
  # need `lambda:InvokeFunction` permissions on the rotation function. For
2193
- # more information, see [ Permissions for rotation][11].
2181
+ # more information, see [ Permissions for rotation][6].
2194
2182
  #
2195
2183
  #
2196
2184
  #
2197
2185
  # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html
2198
- # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html
2199
- # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users
2200
- # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html
2201
- # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html
2202
- # [6]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html
2203
- # [7]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html
2204
- # [8]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html
2205
- # [9]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
2206
- # [10]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
2207
- # [11]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html
2186
+ # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html
2187
+ # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html
2188
+ # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
2189
+ # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
2190
+ # [6]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html
2208
2191
  #
2209
2192
  # @option params [required, String] :secret_id
2210
2193
  # The ARN or name of the secret to rotate.
@@ -2244,7 +2227,16 @@ module Aws::SecretsManager
2244
2227
  # [1]: https://wikipedia.org/wiki/Universally_unique_identifier
2245
2228
  #
2246
2229
  # @option params [String] :rotation_lambda_arn
2247
- # The ARN of the Lambda rotation function that can rotate the secret.
2230
+ # For secrets that use a Lambda rotation function to rotate, the ARN of
2231
+ # the Lambda rotation function.
2232
+ #
2233
+ # For secrets that use *managed rotation*, omit this field. For more
2234
+ # information, see [Managed rotation][1] in the *Secrets Manager User
2235
+ # Guide*.
2236
+ #
2237
+ #
2238
+ #
2239
+ # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_managed.html
2248
2240
  #
2249
2241
  # @option params [Types::RotationRulesType] :rotation_rules
2250
2242
  # A structure that defines the rotation configuration for this secret.
@@ -2254,7 +2246,8 @@ module Aws::SecretsManager
2254
2246
  # next scheduled rotation window. The rotation schedule is defined in
2255
2247
  # RotateSecretRequest$RotationRules.
2256
2248
  #
2257
- # If you don't immediately rotate the secret, Secrets Manager tests the
2249
+ # For secrets that use a Lambda rotation function to rotate, if you
2250
+ # don't immediately rotate the secret, Secrets Manager tests the
2258
2251
  # rotation configuration by running the [ `testSecret` step][1] of the
2259
2252
  # Lambda rotation function. The test creates an `AWSPENDING` version of
2260
2253
  # the secret and then removes it.
@@ -2590,6 +2583,10 @@ module Aws::SecretsManager
2590
2583
  # To change the rotation configuration of a secret, use RotateSecret
2591
2584
  # instead.
2592
2585
  #
2586
+ # To change a secret so that it is managed by another service, you need
2587
+ # to recreate the secret in that service. See [Secrets Manager secrets
2588
+ # managed by other Amazon Web Services services][1].
2589
+ #
2593
2590
  # We recommend you avoid calling `UpdateSecret` at a sustained rate of
2594
2591
  # more than once every 10 minutes. When you call `UpdateSecret` to
2595
2592
  # update the secret value, Secrets Manager creates a new version of the
@@ -2614,21 +2611,22 @@ module Aws::SecretsManager
2614
2611
  # action. Do not include sensitive information in request parameters
2615
2612
  # except `SecretBinary` or `SecretString` because it might be logged.
2616
2613
  # For more information, see [Logging Secrets Manager events with
2617
- # CloudTrail][1].
2614
+ # CloudTrail][2].
2618
2615
  #
2619
2616
  # <b>Required permissions: </b> `secretsmanager:UpdateSecret`. For more
2620
- # information, see [ IAM policy actions for Secrets Manager][2] and
2621
- # [Authentication and access control in Secrets Manager][3]. If you use
2617
+ # information, see [ IAM policy actions for Secrets Manager][3] and
2618
+ # [Authentication and access control in Secrets Manager][4]. If you use
2622
2619
  # a customer managed key, you must also have `kms:GenerateDataKey` and
2623
2620
  # `kms:Decrypt` permissions on the key. For more information, see [
2624
- # Secret encryption and decryption][4].
2621
+ # Secret encryption and decryption][5].
2625
2622
  #
2626
2623
  #
2627
2624
  #
2628
- # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html
2629
- # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
2630
- # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
2631
- # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/security-encryption.html
2625
+ # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html
2626
+ # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html
2627
+ # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
2628
+ # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
2629
+ # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/security-encryption.html
2632
2630
  #
2633
2631
  # @option params [required, String] :secret_id
2634
2632
  # The ARN or name of the secret.
@@ -3052,7 +3050,7 @@ module Aws::SecretsManager
3052
3050
  params: params,
3053
3051
  config: config)
3054
3052
  context[:gem_name] = 'aws-sdk-secretsmanager'
3055
- context[:gem_version] = '1.70.0'
3053
+ context[:gem_version] = '1.72.0'
3056
3054
  Seahorse::Client::Request.new(handlers, context)
3057
3055
  end
3058
3056
 
@@ -9,103 +9,43 @@
9
9
 
10
10
  module Aws::SecretsManager
11
11
  class EndpointProvider
12
- def initialize(rule_set = nil)
13
- @@rule_set ||= begin
14
- endpoint_rules = Aws::Json.load(Base64.decode64(RULES))
15
- Aws::Endpoints::RuleSet.new(
16
- version: endpoint_rules['version'],
17
- service_id: endpoint_rules['serviceId'],
18
- parameters: endpoint_rules['parameters'],
19
- rules: endpoint_rules['rules']
20
- )
12
+ def resolve_endpoint(parameters)
13
+ region = parameters.region
14
+ use_dual_stack = parameters.use_dual_stack
15
+ use_fips = parameters.use_fips
16
+ endpoint = parameters.endpoint
17
+ if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
18
+ if Aws::Endpoints::Matchers.set?(endpoint)
19
+ if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
20
+ raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
21
+ end
22
+ if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
23
+ raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
24
+ end
25
+ return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
26
+ end
27
+ if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
28
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
29
+ return Aws::Endpoints::Endpoint.new(url: "https://secretsmanager-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
30
+ end
31
+ raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
32
+ end
33
+ if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
34
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
35
+ return Aws::Endpoints::Endpoint.new(url: "https://secretsmanager-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
36
+ end
37
+ raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
38
+ end
39
+ if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
40
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
41
+ return Aws::Endpoints::Endpoint.new(url: "https://secretsmanager.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
42
+ end
43
+ raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
44
+ end
45
+ return Aws::Endpoints::Endpoint.new(url: "https://secretsmanager.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
21
46
  end
22
- @provider = Aws::Endpoints::RulesProvider.new(rule_set || @@rule_set)
23
- end
47
+ raise ArgumentError, 'No endpoint could be resolved'
24
48
 
25
- def resolve_endpoint(parameters)
26
- @provider.resolve_endpoint(parameters)
27
49
  end
28
-
29
- # @api private
30
- RULES = <<-JSON
31
- eyJ2ZXJzaW9uIjoiMS4wIiwicGFyYW1ldGVycyI6eyJSZWdpb24iOnsiYnVp
32
- bHRJbiI6IkFXUzo6UmVnaW9uIiwicmVxdWlyZWQiOnRydWUsImRvY3VtZW50
33
- YXRpb24iOiJUaGUgQVdTIHJlZ2lvbiB1c2VkIHRvIGRpc3BhdGNoIHRoZSBy
34
- ZXF1ZXN0LiIsInR5cGUiOiJTdHJpbmcifSwiVXNlRHVhbFN0YWNrIjp7ImJ1
35
- aWx0SW4iOiJBV1M6OlVzZUR1YWxTdGFjayIsInJlcXVpcmVkIjp0cnVlLCJk
36
- ZWZhdWx0IjpmYWxzZSwiZG9jdW1lbnRhdGlvbiI6IldoZW4gdHJ1ZSwgdXNl
37
- IHRoZSBkdWFsLXN0YWNrIGVuZHBvaW50LiBJZiB0aGUgY29uZmlndXJlZCBl
38
- bmRwb2ludCBkb2VzIG5vdCBzdXBwb3J0IGR1YWwtc3RhY2ssIGRpc3BhdGNo
39
- aW5nIHRoZSByZXF1ZXN0IE1BWSByZXR1cm4gYW4gZXJyb3IuIiwidHlwZSI6
40
- IkJvb2xlYW4ifSwiVXNlRklQUyI6eyJidWlsdEluIjoiQVdTOjpVc2VGSVBT
41
- IiwicmVxdWlyZWQiOnRydWUsImRlZmF1bHQiOmZhbHNlLCJkb2N1bWVudGF0
42
- aW9uIjoiV2hlbiB0cnVlLCBzZW5kIHRoaXMgcmVxdWVzdCB0byB0aGUgRklQ
43
- Uy1jb21wbGlhbnQgcmVnaW9uYWwgZW5kcG9pbnQuIElmIHRoZSBjb25maWd1
44
- cmVkIGVuZHBvaW50IGRvZXMgbm90IGhhdmUgYSBGSVBTIGNvbXBsaWFudCBl
45
- bmRwb2ludCwgZGlzcGF0Y2hpbmcgdGhlIHJlcXVlc3Qgd2lsbCByZXR1cm4g
46
- YW4gZXJyb3IuIiwidHlwZSI6IkJvb2xlYW4ifSwiRW5kcG9pbnQiOnsiYnVp
47
- bHRJbiI6IlNESzo6RW5kcG9pbnQiLCJyZXF1aXJlZCI6ZmFsc2UsImRvY3Vt
48
- ZW50YXRpb24iOiJPdmVycmlkZSB0aGUgZW5kcG9pbnQgdXNlZCB0byBzZW5k
49
- IHRoaXMgcmVxdWVzdCIsInR5cGUiOiJTdHJpbmcifX0sInJ1bGVzIjpbeyJj
50
- b25kaXRpb25zIjpbeyJmbiI6ImF3cy5wYXJ0aXRpb24iLCJhcmd2IjpbeyJy
51
- ZWYiOiJSZWdpb24ifV0sImFzc2lnbiI6IlBhcnRpdGlvblJlc3VsdCJ9XSwi
52
- dHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0aW9ucyI6W3siZm4iOiJp
53
- c1NldCIsImFyZ3YiOlt7InJlZiI6IkVuZHBvaW50In1dfV0sInR5cGUiOiJ0
54
- cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVx
55
- dWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUZJUFMifSx0cnVlXX1dLCJlcnJv
56
- ciI6IkludmFsaWQgQ29uZmlndXJhdGlvbjogRklQUyBhbmQgY3VzdG9tIGVu
57
- ZHBvaW50IGFyZSBub3Qgc3VwcG9ydGVkIiwidHlwZSI6ImVycm9yIn0seyJj
58
- b25kaXRpb25zIjpbXSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0
59
- aW9ucyI6W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoi
60
- VXNlRHVhbFN0YWNrIn0sdHJ1ZV19XSwiZXJyb3IiOiJJbnZhbGlkIENvbmZp
61
- Z3VyYXRpb246IER1YWxzdGFjayBhbmQgY3VzdG9tIGVuZHBvaW50IGFyZSBu
62
- b3Qgc3VwcG9ydGVkIiwidHlwZSI6ImVycm9yIn0seyJjb25kaXRpb25zIjpb
63
- XSwiZW5kcG9pbnQiOnsidXJsIjp7InJlZiI6IkVuZHBvaW50In0sInByb3Bl
64
- cnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9XX1d
65
- fSx7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3Yi
66
- Olt7InJlZiI6IlVzZUZJUFMifSx0cnVlXX0seyJmbiI6ImJvb2xlYW5FcXVh
67
- bHMiLCJhcmd2IjpbeyJyZWYiOiJVc2VEdWFsU3RhY2sifSx0cnVlXX1dLCJ0
68
- eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRpb25zIjpbeyJmbiI6ImJv
69
- b2xlYW5FcXVhbHMiLCJhcmd2IjpbdHJ1ZSx7ImZuIjoiZ2V0QXR0ciIsImFy
70
- Z3YiOlt7InJlZiI6IlBhcnRpdGlvblJlc3VsdCJ9LCJzdXBwb3J0c0ZJUFMi
71
- XX1dfSx7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsiZm4i
72
- OiJnZXRBdHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0In0s
73
- InN1cHBvcnRzRHVhbFN0YWNrIl19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVz
74
- IjpbeyJjb25kaXRpb25zIjpbXSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6
75
- Ly9zZWNyZXRzbWFuYWdlci1maXBzLntSZWdpb259LntQYXJ0aXRpb25SZXN1
76
- bHQjZHVhbFN0YWNrRG5zU3VmZml4fSIsInByb3BlcnRpZXMiOnt9LCJoZWFk
77
- ZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9XX0seyJjb25kaXRpb25zIjpb
78
- XSwiZXJyb3IiOiJGSVBTIGFuZCBEdWFsU3RhY2sgYXJlIGVuYWJsZWQsIGJ1
79
- dCB0aGlzIHBhcnRpdGlvbiBkb2VzIG5vdCBzdXBwb3J0IG9uZSBvciBib3Ro
80
- IiwidHlwZSI6ImVycm9yIn1dfSx7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9v
81
- bGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUZJUFMifSx0cnVlXX1d
82
- LCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRpb25zIjpbeyJmbiI6
83
- ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbdHJ1ZSx7ImZuIjoiZ2V0QXR0ciIs
84
- ImFyZ3YiOlt7InJlZiI6IlBhcnRpdGlvblJlc3VsdCJ9LCJzdXBwb3J0c0ZJ
85
- UFMiXX1dfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMi
86
- OltdLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRpb25zIjpbXSwi
87
- ZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6Ly9zZWNyZXRzbWFuYWdlci1maXBz
88
- LntSZWdpb259LntQYXJ0aXRpb25SZXN1bHQjZG5zU3VmZml4fSIsInByb3Bl
89
- cnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9XX1d
90
- fSx7ImNvbmRpdGlvbnMiOltdLCJlcnJvciI6IkZJUFMgaXMgZW5hYmxlZCBi
91
- dXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9ydCBGSVBTIiwidHlw
92
- ZSI6ImVycm9yIn1dfSx7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVx
93
- dWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxTdGFjayJ9LHRydWVdfV0s
94
- InR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoi
95
- Ym9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsiZm4iOiJnZXRBdHRyIiwi
96
- YXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0In0sInN1cHBvcnRzRHVh
97
- bFN0YWNrIl19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRp
98
- b25zIjpbXSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6Ly9zZWNyZXRzbWFu
99
- YWdlci57UmVnaW9ufS57UGFydGl0aW9uUmVzdWx0I2R1YWxTdGFja0Ruc1N1
100
- ZmZpeH0iLCJwcm9wZXJ0aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0eXBlIjoi
101
- ZW5kcG9pbnQifV19LHsiY29uZGl0aW9ucyI6W10sImVycm9yIjoiRHVhbFN0
102
- YWNrIGlzIGVuYWJsZWQgYnV0IHRoaXMgcGFydGl0aW9uIGRvZXMgbm90IHN1
103
- cHBvcnQgRHVhbFN0YWNrIiwidHlwZSI6ImVycm9yIn1dfSx7ImNvbmRpdGlv
104
- bnMiOltdLCJlbmRwb2ludCI6eyJ1cmwiOiJodHRwczovL3NlY3JldHNtYW5h
105
- Z2VyLntSZWdpb259LntQYXJ0aXRpb25SZXN1bHQjZG5zU3VmZml4fSIsInBy
106
- b3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9
107
- XX1dfQ==
108
-
109
- JSON
110
50
  end
111
51
  end
@@ -494,6 +494,9 @@ module Aws::SecretsManager
494
494
  # @return [Time]
495
495
  #
496
496
  # @!attribute [rw] next_rotation_date
497
+ # The next date and time that Secrets Manager will rotate the secret,
498
+ # rounded to the nearest hour. If the secret isn't configured for
499
+ # rotation, Secrets Manager returns null.
497
500
  # @return [Time]
498
501
  #
499
502
  # @!attribute [rw] tags
@@ -627,6 +630,8 @@ module Aws::SecretsManager
627
630
  #
628
631
  # * **primary-region**\: Prefix match, case-sensitive.
629
632
  #
633
+ # * **owning-service**\: Prefix match, case-sensitive.
634
+ #
630
635
  # * **all**\: Breaks the filter value string into words and then
631
636
  # searches all attributes for matches. Not case-sensitive.
632
637
  # @return [String]
@@ -1034,6 +1039,7 @@ module Aws::SecretsManager
1034
1039
  end
1035
1040
 
1036
1041
  # @!attribute [rw] include_planned_deletion
1042
+ # Specifies whether to include secrets scheduled for deletion.
1037
1043
  # @return [Boolean]
1038
1044
  #
1039
1045
  # @!attribute [rw] max_results
@@ -1560,7 +1566,16 @@ module Aws::SecretsManager
1560
1566
  # @return [String]
1561
1567
  #
1562
1568
  # @!attribute [rw] rotation_lambda_arn
1563
- # The ARN of the Lambda rotation function that can rotate the secret.
1569
+ # For secrets that use a Lambda rotation function to rotate, the ARN
1570
+ # of the Lambda rotation function.
1571
+ #
1572
+ # For secrets that use *managed rotation*, omit this field. For more
1573
+ # information, see [Managed rotation][1] in the *Secrets Manager User
1574
+ # Guide*.
1575
+ #
1576
+ #
1577
+ #
1578
+ # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_managed.html
1564
1579
  # @return [String]
1565
1580
  #
1566
1581
  # @!attribute [rw] rotation_rules
@@ -1572,10 +1587,11 @@ module Aws::SecretsManager
1572
1587
  # next scheduled rotation window. The rotation schedule is defined in
1573
1588
  # RotateSecretRequest$RotationRules.
1574
1589
  #
1575
- # If you don't immediately rotate the secret, Secrets Manager tests
1576
- # the rotation configuration by running the [ `testSecret` step][1] of
1577
- # the Lambda rotation function. The test creates an `AWSPENDING`
1578
- # version of the secret and then removes it.
1590
+ # For secrets that use a Lambda rotation function to rotate, if you
1591
+ # don't immediately rotate the secret, Secrets Manager tests the
1592
+ # rotation configuration by running the [ `testSecret` step][1] of the
1593
+ # Lambda rotation function. The test creates an `AWSPENDING` version
1594
+ # of the secret and then removes it.
1579
1595
  #
1580
1596
  # If you don't specify this value, then by default, Secrets Manager
1581
1597
  # rotates the secret immediately.
@@ -1622,9 +1638,13 @@ module Aws::SecretsManager
1622
1638
  # A structure that defines the rotation configuration for the secret.
1623
1639
  #
1624
1640
  # @!attribute [rw] automatically_after_days
1625
- # The number of days between automatic scheduled rotations of the
1626
- # secret. You can use this value to check that your secret meets your
1627
- # compliance guidelines for how often secrets must be rotated.
1641
+ # The number of days between rotations of the secret. You can use this
1642
+ # value to check that your secret meets your compliance guidelines for
1643
+ # how often secrets must be rotated. If you use this field to set the
1644
+ # rotation schedule, Secrets Manager calculates the next rotation date
1645
+ # based on the previous rotation. Manually updating the secret value
1646
+ # by calling `PutSecretValue` or `UpdateSecret` is considered a valid
1647
+ # rotation.
1628
1648
  #
1629
1649
  # In `DescribeSecret` and `ListSecrets`, this value is calculated from
1630
1650
  # the rotation schedule after every successful rotation. In
@@ -1768,6 +1788,9 @@ module Aws::SecretsManager
1768
1788
  # @return [Time]
1769
1789
  #
1770
1790
  # @!attribute [rw] next_rotation_date
1791
+ # The next date and time that Secrets Manager will attempt to rotate
1792
+ # the secret, rounded to the nearest hour. This value is null if the
1793
+ # secret is not set up for rotation.
1771
1794
  # @return [Time]
1772
1795
  #
1773
1796
  # @!attribute [rw] tags
@@ -52,6 +52,6 @@ require_relative 'aws-sdk-secretsmanager/customizations'
52
52
  # @!group service
53
53
  module Aws::SecretsManager
54
54
 
55
- GEM_VERSION = '1.70.0'
55
+ GEM_VERSION = '1.72.0'
56
56
 
57
57
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-secretsmanager
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.70.0
4
+ version: 1.72.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-12-29 00:00:00.000000000 Z
11
+ date: 2023-01-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core