aws-sdk-secretsmanager 1.70.0 → 1.72.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a891ecc91bb9b24a02af41ad8598be6db0b090c889b06ca923418913ebd49052
-  data.tar.gz: 3d0155ca46e14988295b03922377d1d513c3fa22b5c473d7065a9beee53c11cc
+  metadata.gz: da6260a86f7107f63b0573d2b4680ea83189e79f4c023056cd7388ad7885cacb
+  data.tar.gz: 3c37e40dfd47e37916338b482fcea9f094e8e9c2c3d425d3b1a6d0851e7ce1ea
 SHA512:
-  metadata.gz: cee58913dd159e16235427b18fa73399c6e892bad541fee74a79068f2bb639aed062d72adc992027b9bc05b133a90aad0b67356bcc7d581cd539206f5b9ca57e
-  data.tar.gz: 05de315397bd20563b8cd8cb4105d0c1cd5b3faead360f15effda07aaa2e390c6820016dfbbe57967833959f5b094daf2785e40f9d10960b862f3388951bb882
+  metadata.gz: 925c5772906fcef6c8f0c068a1aec9defbf659a1289c3d2f1a4ed4af1f372f172ad95f4d70fdb2979628be1070f6d014bf231d4baec230529028b00b7e142de6
+  data.tar.gz: a38e06173e1c27f2f010141cf1d690e01862f08a9b1b27c341f005c64d4e516a13e78b75498c7adcaa4d9a4b8f26035ea44ebaab2f6cd7dba71a8ae8bcedaa45

data/CHANGELOG.md

@@ -1,6 +1,18 @@
 Unreleased Changes
 ------------------
 
+1.72.0 (2023-01-18)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+* Issue - Replace runtime endpoint resolution approach with generated ruby code.
+
+1.71.0 (2023-01-12)
+------------------
+
+* Feature - Update documentation for new ListSecrets and DescribeSecret parameters
+
 1.70.0 (2022-12-29)
 ------------------
 
@@ -360,4 +372,4 @@ Unreleased Changes
 1.0.0 (2018-04-04)
 ------------------
 
-* Feature - Initial release of `aws-sdk-secretsmanager`.
+* Feature - Initial release of `aws-sdk-secretsmanager`.

data/VERSION

@@ -1 +1 @@
-1.70.0
+1.72.0

data/lib/aws-sdk-secretsmanager/client.rb

@@ -471,8 +471,12 @@ module Aws::SecretsManager
     # secret in Secrets Manager consists of both the protected secret data
     # and the important information needed to manage the secret.
     #
+    # For secrets that use *managed rotation*, you need to create the secret
+    # through the managing service. For more information, see [Secrets
+    # Manager secrets managed by other Amazon Web Services services][1].
+    #
     # For information about creating a secret in the console, see [Create a
-    # secret][1].
+    # secret][2].
     #
     # To create a secret, you can provide the secret value to be encrypted
     # in either the `SecretString` parameter or the `SecretBinary`
@@ -483,7 +487,7 @@ module Aws::SecretsManager
     # For database credentials you want to rotate, for Secrets Manager to be
     # able to rotate the secret, you must make sure the JSON you store in
     # the `SecretString` matches the [JSON structure of a database
-    # secret][2].
+    # secret][3].
     #
     # If you don't specify an KMS encryption key, Secrets Manager uses the
     # Amazon Web Services managed key `aws/secretsmanager`. If this key
@@ -502,13 +506,13 @@ module Aws::SecretsManager
     # action. Do not include sensitive information in request parameters
     # except `SecretBinary` or `SecretString` because it might be logged.
     # For more information, see [Logging Secrets Manager events with
-    # CloudTrail][3].
+    # CloudTrail][4].
     #
     # <b>Required permissions: </b> `secretsmanager:CreateSecret`. If you
     # include tags in the secret, you also need
     # `secretsmanager:TagResource`. For more information, see [ IAM policy
-    # actions for Secrets Manager][4] and [Authentication and access control
-    # in Secrets Manager][5].
+    # actions for Secrets Manager][5] and [Authentication and access control
+    # in Secrets Manager][6].
     #
     # To encrypt the secret with a KMS key other than `aws/secretsmanager`,
     # you need `kms:GenerateDataKey` and `kms:Decrypt` permission to the
@@ -516,11 +520,12 @@ module Aws::SecretsManager
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html
-    # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html
-    # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html
-    # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
-    # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
+    # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html
+    # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html
+    # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html
+    # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html
+    # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
+    # [6]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
     #
     # @option params [required, String] :name
     #   The name of the new secret.
@@ -1027,6 +1032,7 @@ module Aws::SecretsManager
     #     last_changed_date: Time.parse(1523477145.729), 
     #     last_rotated_date: Time.parse(1525747253.72), 
     #     name: "MyTestDatabaseSecret", 
+    #     next_rotation_date: Time.parse("1665165599"), 
     #     rotation_enabled: true, 
     #     rotation_lambda_arn: "arn:aws:lambda:us-west-2:123456789012:function:MyTestRotationLambda", 
     #     rotation_rules: {
@@ -1562,6 +1568,7 @@ module Aws::SecretsManager
     # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
     #
     # @option params [Boolean] :include_planned_deletion
+    #   Specifies whether to include secrets scheduled for deletion.
     #
     # @option params [Integer] :max_results
     #   The number of results to include in the response.
@@ -2145,66 +2152,42 @@ module Aws::SecretsManager
     end
 
     # Configures and starts the asynchronous process of rotating the secret.
-    # For more information about rotation, see [Rotate secrets][1].
-    #
-    # If you include the configuration parameters, the operation sets the
-    # values for the secret and then immediately starts a rotation. If you
-    # don't include the configuration parameters, the operation starts a
-    # rotation with the values already stored in the secret.
-    #
-    # For database credentials you want to rotate, for Secrets Manager to be
-    # able to rotate the secret, you must make sure the secret value is in
-    # the [ JSON structure of a database secret][2]. In particular, if you
-    # want to use the [ alternating users strategy][3], your secret must
-    # contain the ARN of a superuser secret.
-    #
-    # To configure rotation, you also need the ARN of an Amazon Web Services
-    # Lambda function and the schedule for the rotation. The Lambda rotation
-    # function creates a new version of the secret and creates or updates
-    # the credentials on the database or service to match. After testing the
-    # new credentials, the function marks the new secret version with the
-    # staging label `AWSCURRENT`. Then anyone who retrieves the secret gets
-    # the new version. For more information, see [How rotation works][4].
-    #
-    # You can create the Lambda rotation function based on the [rotation
-    # function templates][5] that Secrets Manager provides. Choose a
-    # template that matches your [Rotation strategy][6].
+    # For information about rotation, see [Rotate secrets][1] in the
+    # *Secrets Manager User Guide*. If you include the configuration
+    # parameters, the operation sets the values for the secret and then
+    # immediately starts a rotation. If you don't include the configuration
+    # parameters, the operation starts a rotation with the values already
+    # stored in the secret.
     #
     # When rotation is successful, the `AWSPENDING` staging label might be
     # attached to the same version as the `AWSCURRENT` version, or it might
     # not be attached to any version. If the `AWSPENDING` staging label is
     # present but not attached to the same version as `AWSCURRENT`, then any
     # later invocation of `RotateSecret` assumes that a previous rotation
-    # request is still in progress and returns an error.
-    #
-    # When rotation is unsuccessful, the `AWSPENDING` staging label might be
-    # attached to an empty secret version. For more information, see
-    # [Troubleshoot rotation][7] in the *Secrets Manager User Guide*.
+    # request is still in progress and returns an error. When rotation is
+    # unsuccessful, the `AWSPENDING` staging label might be attached to an
+    # empty secret version. For more information, see [Troubleshoot
+    # rotation][2] in the *Secrets Manager User Guide*.
     #
     # Secrets Manager generates a CloudTrail log entry when you call this
     # action. Do not include sensitive information in request parameters
     # because it might be logged. For more information, see [Logging Secrets
-    # Manager events with CloudTrail][8].
+    # Manager events with CloudTrail][3].
     #
     # <b>Required permissions: </b> `secretsmanager:RotateSecret`. For more
-    # information, see [ IAM policy actions for Secrets Manager][9] and
-    # [Authentication and access control in Secrets Manager][10]. You also
+    # information, see [ IAM policy actions for Secrets Manager][4] and
+    # [Authentication and access control in Secrets Manager][5]. You also
     # need `lambda:InvokeFunction` permissions on the rotation function. For
-    # more information, see [ Permissions for rotation][11].
+    # more information, see [ Permissions for rotation][6].
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html
-    # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html
-    # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users
-    # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html
-    # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html
-    # [6]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html
-    # [7]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html
-    # [8]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html
-    # [9]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
-    # [10]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
-    # [11]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html
+    # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html
+    # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html
+    # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
+    # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
+    # [6]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html
     #
     # @option params [required, String] :secret_id
     #   The ARN or name of the secret to rotate.
@@ -2244,7 +2227,16 @@ module Aws::SecretsManager
     #   [1]: https://wikipedia.org/wiki/Universally_unique_identifier
     #
     # @option params [String] :rotation_lambda_arn
-    #   The ARN of the Lambda rotation function that can rotate the secret.
+    #   For secrets that use a Lambda rotation function to rotate, the ARN of
+    #   the Lambda rotation function.
+    #
+    #   For secrets that use *managed rotation*, omit this field. For more
+    #   information, see [Managed rotation][1] in the *Secrets Manager User
+    #   Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_managed.html
     #
     # @option params [Types::RotationRulesType] :rotation_rules
     #   A structure that defines the rotation configuration for this secret.
@@ -2254,7 +2246,8 @@ module Aws::SecretsManager
     #   next scheduled rotation window. The rotation schedule is defined in
     #   RotateSecretRequest$RotationRules.
     #
-    #   If you don't immediately rotate the secret, Secrets Manager tests the
+    #   For secrets that use a Lambda rotation function to rotate, if you
+    #   don't immediately rotate the secret, Secrets Manager tests the
     #   rotation configuration by running the [ `testSecret` step][1] of the
     #   Lambda rotation function. The test creates an `AWSPENDING` version of
     #   the secret and then removes it.
@@ -2590,6 +2583,10 @@ module Aws::SecretsManager
     # To change the rotation configuration of a secret, use RotateSecret
     # instead.
     #
+    # To change a secret so that it is managed by another service, you need
+    # to recreate the secret in that service. See [Secrets Manager secrets
+    # managed by other Amazon Web Services services][1].
+    #
     # We recommend you avoid calling `UpdateSecret` at a sustained rate of
     # more than once every 10 minutes. When you call `UpdateSecret` to
     # update the secret value, Secrets Manager creates a new version of the
@@ -2614,21 +2611,22 @@ module Aws::SecretsManager
     # action. Do not include sensitive information in request parameters
     # except `SecretBinary` or `SecretString` because it might be logged.
     # For more information, see [Logging Secrets Manager events with
-    # CloudTrail][1].
+    # CloudTrail][2].
     #
     # <b>Required permissions: </b> `secretsmanager:UpdateSecret`. For more
-    # information, see [ IAM policy actions for Secrets Manager][2] and
-    # [Authentication and access control in Secrets Manager][3]. If you use
+    # information, see [ IAM policy actions for Secrets Manager][3] and
+    # [Authentication and access control in Secrets Manager][4]. If you use
     # a customer managed key, you must also have `kms:GenerateDataKey` and
     # `kms:Decrypt` permissions on the key. For more information, see [
-    # Secret encryption and decryption][4].
+    # Secret encryption and decryption][5].
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html
-    # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
-    # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
-    # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/security-encryption.html
+    # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html
+    # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html
+    # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions
+    # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
+    # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/security-encryption.html
     #
     # @option params [required, String] :secret_id
     #   The ARN or name of the secret.
@@ -3052,7 +3050,7 @@ module Aws::SecretsManager
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-secretsmanager'
-      context[:gem_version] = '1.70.0'
+      context[:gem_version] = '1.72.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-secretsmanager/endpoint_provider.rb

@@ -9,103 +9,43 @@
 
 module Aws::SecretsManager
   class EndpointProvider
-    def initialize(rule_set = nil)
-      @@rule_set ||= begin
-        endpoint_rules = Aws::Json.load(Base64.decode64(RULES))
-        Aws::Endpoints::RuleSet.new(
-          version: endpoint_rules['version'],
-          service_id: endpoint_rules['serviceId'],
-          parameters: endpoint_rules['parameters'],
-          rules: endpoint_rules['rules']
-        )
+    def resolve_endpoint(parameters)
+      region = parameters.region
+      use_dual_stack = parameters.use_dual_stack
+      use_fips = parameters.use_fips
+      endpoint = parameters.endpoint
+      if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
+        if Aws::Endpoints::Matchers.set?(endpoint)
+          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
+            raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
+          end
+          if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+            raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
+          end
+          return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
+        end
+        if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+          if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
+            return Aws::Endpoints::Endpoint.new(url: "https://secretsmanager-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+          end
+          raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
+        end
+        if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
+          if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
+            return Aws::Endpoints::Endpoint.new(url: "https://secretsmanager-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
+          end
+          raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
+        end
+        if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+          if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
+            return Aws::Endpoints::Endpoint.new(url: "https://secretsmanager.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+          end
+          raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
+        end
+        return Aws::Endpoints::Endpoint.new(url: "https://secretsmanager.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
       end
-      @provider = Aws::Endpoints::RulesProvider.new(rule_set || @@rule_set)
-    end
+      raise ArgumentError, 'No endpoint could be resolved'
 
-    def resolve_endpoint(parameters)
-      @provider.resolve_endpoint(parameters)
     end
-
-    # @api private
-    RULES = <<-JSON
-eyJ2ZXJzaW9uIjoiMS4wIiwicGFyYW1ldGVycyI6eyJSZWdpb24iOnsiYnVp
-bHRJbiI6IkFXUzo6UmVnaW9uIiwicmVxdWlyZWQiOnRydWUsImRvY3VtZW50
-YXRpb24iOiJUaGUgQVdTIHJlZ2lvbiB1c2VkIHRvIGRpc3BhdGNoIHRoZSBy
-ZXF1ZXN0LiIsInR5cGUiOiJTdHJpbmcifSwiVXNlRHVhbFN0YWNrIjp7ImJ1
-aWx0SW4iOiJBV1M6OlVzZUR1YWxTdGFjayIsInJlcXVpcmVkIjp0cnVlLCJk
-ZWZhdWx0IjpmYWxzZSwiZG9jdW1lbnRhdGlvbiI6IldoZW4gdHJ1ZSwgdXNl
-IHRoZSBkdWFsLXN0YWNrIGVuZHBvaW50LiBJZiB0aGUgY29uZmlndXJlZCBl
-bmRwb2ludCBkb2VzIG5vdCBzdXBwb3J0IGR1YWwtc3RhY2ssIGRpc3BhdGNo
-aW5nIHRoZSByZXF1ZXN0IE1BWSByZXR1cm4gYW4gZXJyb3IuIiwidHlwZSI6
-IkJvb2xlYW4ifSwiVXNlRklQUyI6eyJidWlsdEluIjoiQVdTOjpVc2VGSVBT
-IiwicmVxdWlyZWQiOnRydWUsImRlZmF1bHQiOmZhbHNlLCJkb2N1bWVudGF0
-aW9uIjoiV2hlbiB0cnVlLCBzZW5kIHRoaXMgcmVxdWVzdCB0byB0aGUgRklQ
-Uy1jb21wbGlhbnQgcmVnaW9uYWwgZW5kcG9pbnQuIElmIHRoZSBjb25maWd1
-cmVkIGVuZHBvaW50IGRvZXMgbm90IGhhdmUgYSBGSVBTIGNvbXBsaWFudCBl
-bmRwb2ludCwgZGlzcGF0Y2hpbmcgdGhlIHJlcXVlc3Qgd2lsbCByZXR1cm4g
-YW4gZXJyb3IuIiwidHlwZSI6IkJvb2xlYW4ifSwiRW5kcG9pbnQiOnsiYnVp
-bHRJbiI6IlNESzo6RW5kcG9pbnQiLCJyZXF1aXJlZCI6ZmFsc2UsImRvY3Vt
-ZW50YXRpb24iOiJPdmVycmlkZSB0aGUgZW5kcG9pbnQgdXNlZCB0byBzZW5k
-IHRoaXMgcmVxdWVzdCIsInR5cGUiOiJTdHJpbmcifX0sInJ1bGVzIjpbeyJj
-b25kaXRpb25zIjpbeyJmbiI6ImF3cy5wYXJ0aXRpb24iLCJhcmd2IjpbeyJy
-ZWYiOiJSZWdpb24ifV0sImFzc2lnbiI6IlBhcnRpdGlvblJlc3VsdCJ9XSwi
-dHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0aW9ucyI6W3siZm4iOiJp
-c1NldCIsImFyZ3YiOlt7InJlZiI6IkVuZHBvaW50In1dfV0sInR5cGUiOiJ0
-cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVx
-dWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUZJUFMifSx0cnVlXX1dLCJlcnJv
-ciI6IkludmFsaWQgQ29uZmlndXJhdGlvbjogRklQUyBhbmQgY3VzdG9tIGVu
-ZHBvaW50IGFyZSBub3Qgc3VwcG9ydGVkIiwidHlwZSI6ImVycm9yIn0seyJj
-b25kaXRpb25zIjpbXSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0
-aW9ucyI6W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoi
-VXNlRHVhbFN0YWNrIn0sdHJ1ZV19XSwiZXJyb3IiOiJJbnZhbGlkIENvbmZp
-Z3VyYXRpb246IER1YWxzdGFjayBhbmQgY3VzdG9tIGVuZHBvaW50IGFyZSBu
-b3Qgc3VwcG9ydGVkIiwidHlwZSI6ImVycm9yIn0seyJjb25kaXRpb25zIjpb
-XSwiZW5kcG9pbnQiOnsidXJsIjp7InJlZiI6IkVuZHBvaW50In0sInByb3Bl
-cnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9XX1d
-fSx7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3Yi
-Olt7InJlZiI6IlVzZUZJUFMifSx0cnVlXX0seyJmbiI6ImJvb2xlYW5FcXVh
-bHMiLCJhcmd2IjpbeyJyZWYiOiJVc2VEdWFsU3RhY2sifSx0cnVlXX1dLCJ0
-eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRpb25zIjpbeyJmbiI6ImJv
-b2xlYW5FcXVhbHMiLCJhcmd2IjpbdHJ1ZSx7ImZuIjoiZ2V0QXR0ciIsImFy
-Z3YiOlt7InJlZiI6IlBhcnRpdGlvblJlc3VsdCJ9LCJzdXBwb3J0c0ZJUFMi
-XX1dfSx7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsiZm4i
-OiJnZXRBdHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0In0s
-InN1cHBvcnRzRHVhbFN0YWNrIl19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVz
-IjpbeyJjb25kaXRpb25zIjpbXSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6
-Ly9zZWNyZXRzbWFuYWdlci1maXBzLntSZWdpb259LntQYXJ0aXRpb25SZXN1
-bHQjZHVhbFN0YWNrRG5zU3VmZml4fSIsInByb3BlcnRpZXMiOnt9LCJoZWFk
-ZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9XX0seyJjb25kaXRpb25zIjpb
-XSwiZXJyb3IiOiJGSVBTIGFuZCBEdWFsU3RhY2sgYXJlIGVuYWJsZWQsIGJ1
-dCB0aGlzIHBhcnRpdGlvbiBkb2VzIG5vdCBzdXBwb3J0IG9uZSBvciBib3Ro
-IiwidHlwZSI6ImVycm9yIn1dfSx7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9v
-bGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUZJUFMifSx0cnVlXX1d
-LCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRpb25zIjpbeyJmbiI6
-ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbdHJ1ZSx7ImZuIjoiZ2V0QXR0ciIs
-ImFyZ3YiOlt7InJlZiI6IlBhcnRpdGlvblJlc3VsdCJ9LCJzdXBwb3J0c0ZJ
-UFMiXX1dfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMi
-OltdLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRpb25zIjpbXSwi
-ZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6Ly9zZWNyZXRzbWFuYWdlci1maXBz
-LntSZWdpb259LntQYXJ0aXRpb25SZXN1bHQjZG5zU3VmZml4fSIsInByb3Bl
-cnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9XX1d
-fSx7ImNvbmRpdGlvbnMiOltdLCJlcnJvciI6IkZJUFMgaXMgZW5hYmxlZCBi
-dXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9ydCBGSVBTIiwidHlw
-ZSI6ImVycm9yIn1dfSx7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVx
-dWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxTdGFjayJ9LHRydWVdfV0s
-InR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoi
-Ym9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsiZm4iOiJnZXRBdHRyIiwi
-YXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0In0sInN1cHBvcnRzRHVh
-bFN0YWNrIl19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRp
-b25zIjpbXSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6Ly9zZWNyZXRzbWFu
-YWdlci57UmVnaW9ufS57UGFydGl0aW9uUmVzdWx0I2R1YWxTdGFja0Ruc1N1
-ZmZpeH0iLCJwcm9wZXJ0aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0eXBlIjoi
-ZW5kcG9pbnQifV19LHsiY29uZGl0aW9ucyI6W10sImVycm9yIjoiRHVhbFN0
-YWNrIGlzIGVuYWJsZWQgYnV0IHRoaXMgcGFydGl0aW9uIGRvZXMgbm90IHN1
-cHBvcnQgRHVhbFN0YWNrIiwidHlwZSI6ImVycm9yIn1dfSx7ImNvbmRpdGlv
-bnMiOltdLCJlbmRwb2ludCI6eyJ1cmwiOiJodHRwczovL3NlY3JldHNtYW5h
-Z2VyLntSZWdpb259LntQYXJ0aXRpb25SZXN1bHQjZG5zU3VmZml4fSIsInBy
-b3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9
-XX1dfQ==
-
-    JSON
   end
 end

data/lib/aws-sdk-secretsmanager/types.rb

@@ -494,6 +494,9 @@ module Aws::SecretsManager
     #   @return [Time]
     #
     # @!attribute [rw] next_rotation_date
+    #   The next date and time that Secrets Manager will rotate the secret,
+    #   rounded to the nearest hour. If the secret isn't configured for
+    #   rotation, Secrets Manager returns null.
     #   @return [Time]
     #
     # @!attribute [rw] tags
@@ -627,6 +630,8 @@ module Aws::SecretsManager
     #
     #   * **primary-region**\: Prefix match, case-sensitive.
     #
+    #   * **owning-service**\: Prefix match, case-sensitive.
+    #
     #   * **all**\: Breaks the filter value string into words and then
     #     searches all attributes for matches. Not case-sensitive.
     #   @return [String]
@@ -1034,6 +1039,7 @@ module Aws::SecretsManager
     end
 
     # @!attribute [rw] include_planned_deletion
+    #   Specifies whether to include secrets scheduled for deletion.
     #   @return [Boolean]
     #
     # @!attribute [rw] max_results
@@ -1560,7 +1566,16 @@ module Aws::SecretsManager
     #   @return [String]
     #
     # @!attribute [rw] rotation_lambda_arn
-    #   The ARN of the Lambda rotation function that can rotate the secret.
+    #   For secrets that use a Lambda rotation function to rotate, the ARN
+    #   of the Lambda rotation function.
+    #
+    #   For secrets that use *managed rotation*, omit this field. For more
+    #   information, see [Managed rotation][1] in the *Secrets Manager User
+    #   Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_managed.html
     #   @return [String]
     #
     # @!attribute [rw] rotation_rules
@@ -1572,10 +1587,11 @@ module Aws::SecretsManager
     #   next scheduled rotation window. The rotation schedule is defined in
     #   RotateSecretRequest$RotationRules.
     #
-    #   If you don't immediately rotate the secret, Secrets Manager tests
-    #   the rotation configuration by running the [ `testSecret` step][1] of
-    #   the Lambda rotation function. The test creates an `AWSPENDING`
-    #   version of the secret and then removes it.
+    #   For secrets that use a Lambda rotation function to rotate, if you
+    #   don't immediately rotate the secret, Secrets Manager tests the
+    #   rotation configuration by running the [ `testSecret` step][1] of the
+    #   Lambda rotation function. The test creates an `AWSPENDING` version
+    #   of the secret and then removes it.
     #
     #   If you don't specify this value, then by default, Secrets Manager
     #   rotates the secret immediately.
@@ -1622,9 +1638,13 @@ module Aws::SecretsManager
     # A structure that defines the rotation configuration for the secret.
     #
     # @!attribute [rw] automatically_after_days
-    #   The number of days between automatic scheduled rotations of the
-    #   secret. You can use this value to check that your secret meets your
-    #   compliance guidelines for how often secrets must be rotated.
+    #   The number of days between rotations of the secret. You can use this
+    #   value to check that your secret meets your compliance guidelines for
+    #   how often secrets must be rotated. If you use this field to set the
+    #   rotation schedule, Secrets Manager calculates the next rotation date
+    #   based on the previous rotation. Manually updating the secret value
+    #   by calling `PutSecretValue` or `UpdateSecret` is considered a valid
+    #   rotation.
     #
     #   In `DescribeSecret` and `ListSecrets`, this value is calculated from
     #   the rotation schedule after every successful rotation. In
@@ -1768,6 +1788,9 @@ module Aws::SecretsManager
     #   @return [Time]
     #
     # @!attribute [rw] next_rotation_date
+    #   The next date and time that Secrets Manager will attempt to rotate
+    #   the secret, rounded to the nearest hour. This value is null if the
+    #   secret is not set up for rotation.
     #   @return [Time]
     #
     # @!attribute [rw] tags

data/lib/aws-sdk-secretsmanager.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-secretsmanager/customizations'
 # @!group service
 module Aws::SecretsManager
 
-  GEM_VERSION = '1.70.0'
+  GEM_VERSION = '1.72.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-secretsmanager
 version: !ruby/object:Gem::Version
-  version: 1.70.0
+  version: 1.72.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-12-29 00:00:00.000000000 Z
+date: 2023-01-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core