aws-sdk-secretsmanager 1.95.0 → 1.97.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5011a7cf93524e6e5c900c2727647459b500419d570e0e240f99084b148d9192
4
- data.tar.gz: c674353ddfc65359f83d76cdb1330a27bfc2bde04d4994ad29c2fd48ef113cd8
3
+ metadata.gz: 0e0e6464258f2fed514ce59ae2efede2bb862de0aea62b32759b2de7b1ac3e10
4
+ data.tar.gz: 5e52261ab392e4c9dfee8d6f269da2f62eeb634d6061846dfcb011956f5c99ef
5
5
  SHA512:
6
- metadata.gz: 166fe37dcb929aa732ea5a9c8ae3d10373dc845c0e524fea68cce4fd4a59385738100bceb3377c1ed606409459d5d091f799f4cdabe05c842c564805a104531b
7
- data.tar.gz: de5c0fd0899c556b0b325528c9ff84542a0ba9f722745e0bb0711c9272e26f7a6f81ad70c93dbdd97248bced8fbe8564abbcc00a7c431537f93429d7ab6f3c04
6
+ metadata.gz: f6f888876fd43c161d2dab57af4ac80e9339d6ea6cac8df0d917359e385836dda1a21960e62c281fcd9042ea271f2c1f7ab78eaaf033e7265c6194d5e5292ade
7
+ data.tar.gz: 5c32d07436771cd51b136d94075222883588f2c435accaea88722b130074bbd3a8452d78dbe0ec8c19a79581dc6acd7d62849daebe5880472bdaf739eacb38fc
data/CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.97.0 (2024-06-12)
5
+ ------------------
6
+
7
+ * Feature - Introducing RotationToken parameter for PutSecretValue API
8
+
9
+ 1.96.0 (2024-06-05)
10
+ ------------------
11
+
12
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
13
+
4
14
  1.95.0 (2024-05-20)
5
15
  ------------------
6
16
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.95.0
1
+ 1.97.0
@@ -815,6 +815,11 @@ module Aws::SecretsManager
815
815
  #
816
816
  # This parameter is not available in the Secrets Manager console.
817
817
  #
818
+ # Sensitive: This field contains sensitive information, so the service
819
+ # does not include it in CloudTrail log entries. If you create your own
820
+ # log entries, you must also avoid logging the information in this
821
+ # field.
822
+ #
818
823
  # @option params [String] :secret_string
819
824
  # The text data to encrypt and store in this new version of the secret.
820
825
  # We recommend you use a JSON structure of key/value pairs for your
@@ -829,6 +834,11 @@ module Aws::SecretsManager
829
834
  # information as a JSON structure of key/value pairs that a Lambda
830
835
  # rotation function can parse.
831
836
  #
837
+ # Sensitive: This field contains sensitive information, so the service
838
+ # does not include it in CloudTrail log entries. If you create your own
839
+ # log entries, you must also avoid logging the information in this
840
+ # field.
841
+ #
832
842
  # @option params [Array<Types::Tag>] :tags
833
843
  # A list of tags to attach to the secret. Each tag is a key and value
834
844
  # pair of strings in a JSON text string, for example:
@@ -1501,7 +1511,8 @@ module Aws::SecretsManager
1501
1511
  # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
1502
1512
  #
1503
1513
  # @option params [required, String] :secret_id
1504
- # The ARN or name of the secret to retrieve.
1514
+ # The ARN or name of the secret to retrieve. To retrieve a secret from
1515
+ # another account, you must use an ARN.
1505
1516
  #
1506
1517
  # For an ARN, we recommend that you specify a complete ARN rather than a
1507
1518
  # partial ARN. See [Finding a secret from a partial ARN][1].
@@ -2009,9 +2020,9 @@ module Aws::SecretsManager
2009
2020
  #
2010
2021
  # Secrets Manager generates a CloudTrail log entry when you call this
2011
2022
  # action. Do not include sensitive information in request parameters
2012
- # except `SecretBinary` or `SecretString` because it might be logged.
2013
- # For more information, see [Logging Secrets Manager events with
2014
- # CloudTrail][1].
2023
+ # except `SecretBinary`, `SecretString`, or `RotationToken` because it
2024
+ # might be logged. For more information, see [Logging Secrets Manager
2025
+ # events with CloudTrail][1].
2015
2026
  #
2016
2027
  # <b>Required permissions: </b> `secretsmanager:PutSecretValue`. For
2017
2028
  # more information, see [ IAM policy actions for Secrets Manager][2] and
@@ -2087,6 +2098,11 @@ module Aws::SecretsManager
2087
2098
  #
2088
2099
  # You can't access this value from the Secrets Manager console.
2089
2100
  #
2101
+ # Sensitive: This field contains sensitive information, so the service
2102
+ # does not include it in CloudTrail log entries. If you create your own
2103
+ # log entries, you must also avoid logging the information in this
2104
+ # field.
2105
+ #
2090
2106
  # @option params [String] :secret_string
2091
2107
  # The text to encrypt and store in the new version of the secret.
2092
2108
  #
@@ -2095,6 +2111,11 @@ module Aws::SecretsManager
2095
2111
  # We recommend you create the secret string as JSON key/value pairs, as
2096
2112
  # shown in the example.
2097
2113
  #
2114
+ # Sensitive: This field contains sensitive information, so the service
2115
+ # does not include it in CloudTrail log entries. If you create your own
2116
+ # log entries, you must also avoid logging the information in this
2117
+ # field.
2118
+ #
2098
2119
  # @option params [Array<String>] :version_stages
2099
2120
  # A list of staging labels to attach to this version of the secret.
2100
2121
  # Secrets Manager uses staging labels to track versions of a secret
@@ -2110,6 +2131,23 @@ module Aws::SecretsManager
2110
2131
  # If you don't include `VersionStages`, then Secrets Manager
2111
2132
  # automatically moves the staging label `AWSCURRENT` to this version.
2112
2133
  #
2134
+ # @option params [String] :rotation_token
2135
+ # A unique identifier that indicates the source of the request. For
2136
+ # cross-account rotation (when you rotate a secret in one account by
2137
+ # using a Lambda rotation function in another account) and the Lambda
2138
+ # rotation function assumes an IAM role to call Secrets Manager, Secrets
2139
+ # Manager validates the identity with the rotation token. For more
2140
+ # information, see [How rotation works][1].
2141
+ #
2142
+ # Sensitive: This field contains sensitive information, so the service
2143
+ # does not include it in CloudTrail log entries. If you create your own
2144
+ # log entries, you must also avoid logging the information in this
2145
+ # field.
2146
+ #
2147
+ #
2148
+ #
2149
+ # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html
2150
+ #
2113
2151
  # @return [Types::PutSecretValueResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2114
2152
  #
2115
2153
  # * {Types::PutSecretValueResponse#arn #arn} => String
@@ -2147,6 +2185,7 @@ module Aws::SecretsManager
2147
2185
  # secret_binary: "data",
2148
2186
  # secret_string: "SecretStringType",
2149
2187
  # version_stages: ["SecretVersionStageType"],
2188
+ # rotation_token: "RotationTokenType",
2150
2189
  # })
2151
2190
  #
2152
2191
  # @example Response structure
@@ -2940,6 +2979,11 @@ module Aws::SecretsManager
2940
2979
  #
2941
2980
  # You can't access this parameter in the Secrets Manager console.
2942
2981
  #
2982
+ # Sensitive: This field contains sensitive information, so the service
2983
+ # does not include it in CloudTrail log entries. If you create your own
2984
+ # log entries, you must also avoid logging the information in this
2985
+ # field.
2986
+ #
2943
2987
  # @option params [String] :secret_string
2944
2988
  # The text data to encrypt and store in the new version of the secret.
2945
2989
  # We recommend you use a JSON structure of key/value pairs for your
@@ -2948,6 +2992,11 @@ module Aws::SecretsManager
2948
2992
  # Either `SecretBinary` or `SecretString` must have a value, but not
2949
2993
  # both.
2950
2994
  #
2995
+ # Sensitive: This field contains sensitive information, so the service
2996
+ # does not include it in CloudTrail log entries. If you create your own
2997
+ # log entries, you must also avoid logging the information in this
2998
+ # field.
2999
+ #
2951
3000
  # @return [Types::UpdateSecretResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2952
3001
  #
2953
3002
  # * {Types::UpdateSecretResponse#arn #arn} => String
@@ -3217,7 +3266,8 @@ module Aws::SecretsManager
3217
3266
  # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html
3218
3267
  #
3219
3268
  # @option params [String] :secret_id
3220
- # This field is reserved for internal use.
3269
+ # The ARN or name of the secret with the resource-based policy you want
3270
+ # to validate.
3221
3271
  #
3222
3272
  # @option params [required, String] :resource_policy
3223
3273
  # A JSON-formatted string that contains an Amazon Web Services
@@ -3287,7 +3337,7 @@ module Aws::SecretsManager
3287
3337
  params: params,
3288
3338
  config: config)
3289
3339
  context[:gem_name] = 'aws-sdk-secretsmanager'
3290
- context[:gem_version] = '1.95.0'
3340
+ context[:gem_version] = '1.97.0'
3291
3341
  Seahorse::Client::Request.new(handlers, context)
3292
3342
  end
3293
3343
 
@@ -107,6 +107,7 @@ module Aws::SecretsManager
107
107
  RotationEnabledType = Shapes::BooleanShape.new(name: 'RotationEnabledType')
108
108
  RotationLambdaARNType = Shapes::StringShape.new(name: 'RotationLambdaARNType')
109
109
  RotationRulesType = Shapes::StructureShape.new(name: 'RotationRulesType')
110
+ RotationTokenType = Shapes::StringShape.new(name: 'RotationTokenType')
110
111
  ScheduleExpressionType = Shapes::StringShape.new(name: 'ScheduleExpressionType')
111
112
  SecretARNType = Shapes::StringShape.new(name: 'SecretARNType')
112
113
  SecretBinaryType = Shapes::BlobShape.new(name: 'SecretBinaryType')
@@ -343,6 +344,7 @@ module Aws::SecretsManager
343
344
  PutSecretValueRequest.add_member(:secret_binary, Shapes::ShapeRef.new(shape: SecretBinaryType, location_name: "SecretBinary"))
344
345
  PutSecretValueRequest.add_member(:secret_string, Shapes::ShapeRef.new(shape: SecretStringType, location_name: "SecretString"))
345
346
  PutSecretValueRequest.add_member(:version_stages, Shapes::ShapeRef.new(shape: SecretVersionStagesType, location_name: "VersionStages"))
347
+ PutSecretValueRequest.add_member(:rotation_token, Shapes::ShapeRef.new(shape: RotationTokenType, location_name: "RotationToken"))
346
348
  PutSecretValueRequest.struct_class = Types::PutSecretValueRequest
347
349
 
348
350
  PutSecretValueResponse.add_member(:arn, Shapes::ShapeRef.new(shape: SecretARNType, location_name: "ARN"))
@@ -528,6 +530,7 @@ module Aws::SecretsManager
528
530
 
529
531
  api.metadata = {
530
532
  "apiVersion" => "2017-10-17",
533
+ "auth" => ["aws.auth#sigv4"],
531
534
  "endpointPrefix" => "secretsmanager",
532
535
  "jsonVersion" => "1.1",
533
536
  "protocol" => "json",
@@ -243,6 +243,11 @@ module Aws::SecretsManager
243
243
  # both.
244
244
  #
245
245
  # This parameter is not available in the Secrets Manager console.
246
+ #
247
+ # Sensitive: This field contains sensitive information, so the service
248
+ # does not include it in CloudTrail log entries. If you create your
249
+ # own log entries, you must also avoid logging the information in this
250
+ # field.
246
251
  # @return [String]
247
252
  #
248
253
  # @!attribute [rw] secret_string
@@ -258,6 +263,11 @@ module Aws::SecretsManager
258
263
  # `SecretString` parameter. The Secrets Manager console stores the
259
264
  # information as a JSON structure of key/value pairs that a Lambda
260
265
  # rotation function can parse.
266
+ #
267
+ # Sensitive: This field contains sensitive information, so the service
268
+ # does not include it in CloudTrail log entries. If you create your
269
+ # own log entries, you must also avoid logging the information in this
270
+ # field.
261
271
  # @return [String]
262
272
  #
263
273
  # @!attribute [rw] tags
@@ -527,6 +537,8 @@ module Aws::SecretsManager
527
537
  #
528
538
  # @!attribute [rw] rotation_enabled
529
539
  # Specifies whether automatic rotation is turned on for this secret.
540
+ # If the secret has never been configured for rotation, Secrets
541
+ # Manager returns null.
530
542
  #
531
543
  # To turn on rotation, use RotateSecret. To turn off rotation, use
532
544
  # CancelRotateSecret.
@@ -861,7 +873,8 @@ module Aws::SecretsManager
861
873
  end
862
874
 
863
875
  # @!attribute [rw] secret_id
864
- # The ARN or name of the secret to retrieve.
876
+ # The ARN or name of the secret to retrieve. To retrieve a secret from
877
+ # another account, you must use an ARN.
865
878
  #
866
879
  # For an ARN, we recommend that you specify a complete ARN rather than
867
880
  # a partial ARN. See [Finding a secret from a partial ARN][1].
@@ -929,6 +942,11 @@ module Aws::SecretsManager
929
942
  # if the secret value was originally provided as a string, then this
930
943
  # field is omitted. The secret value appears in `SecretString`
931
944
  # instead.
945
+ #
946
+ # Sensitive: This field contains sensitive information, so the service
947
+ # does not include it in CloudTrail log entries. If you create your
948
+ # own log entries, you must also avoid logging the information in this
949
+ # field.
932
950
  # @return [String]
933
951
  #
934
952
  # @!attribute [rw] secret_string
@@ -938,6 +956,11 @@ module Aws::SecretsManager
938
956
  # If this secret was created by using the console, then Secrets
939
957
  # Manager stores the information as a JSON structure of key/value
940
958
  # pairs.
959
+ #
960
+ # Sensitive: This field contains sensitive information, so the service
961
+ # does not include it in CloudTrail log entries. If you create your
962
+ # own log entries, you must also avoid logging the information in this
963
+ # field.
941
964
  # @return [String]
942
965
  #
943
966
  # @!attribute [rw] version_stages
@@ -1363,6 +1386,11 @@ module Aws::SecretsManager
1363
1386
  # You must include `SecretBinary` or `SecretString`, but not both.
1364
1387
  #
1365
1388
  # You can't access this value from the Secrets Manager console.
1389
+ #
1390
+ # Sensitive: This field contains sensitive information, so the service
1391
+ # does not include it in CloudTrail log entries. If you create your
1392
+ # own log entries, you must also avoid logging the information in this
1393
+ # field.
1366
1394
  # @return [String]
1367
1395
  #
1368
1396
  # @!attribute [rw] secret_string
@@ -1372,6 +1400,11 @@ module Aws::SecretsManager
1372
1400
  #
1373
1401
  # We recommend you create the secret string as JSON key/value pairs,
1374
1402
  # as shown in the example.
1403
+ #
1404
+ # Sensitive: This field contains sensitive information, so the service
1405
+ # does not include it in CloudTrail log entries. If you create your
1406
+ # own log entries, you must also avoid logging the information in this
1407
+ # field.
1375
1408
  # @return [String]
1376
1409
  #
1377
1410
  # @!attribute [rw] version_stages
@@ -1390,6 +1423,24 @@ module Aws::SecretsManager
1390
1423
  # automatically moves the staging label `AWSCURRENT` to this version.
1391
1424
  # @return [Array<String>]
1392
1425
  #
1426
+ # @!attribute [rw] rotation_token
1427
+ # A unique identifier that indicates the source of the request. For
1428
+ # cross-account rotation (when you rotate a secret in one account by
1429
+ # using a Lambda rotation function in another account) and the Lambda
1430
+ # rotation function assumes an IAM role to call Secrets Manager,
1431
+ # Secrets Manager validates the identity with the rotation token. For
1432
+ # more information, see [How rotation works][1].
1433
+ #
1434
+ # Sensitive: This field contains sensitive information, so the service
1435
+ # does not include it in CloudTrail log entries. If you create your
1436
+ # own log entries, you must also avoid logging the information in this
1437
+ # field.
1438
+ #
1439
+ #
1440
+ #
1441
+ # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html
1442
+ # @return [String]
1443
+ #
1393
1444
  # @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/PutSecretValueRequest AWS API Documentation
1394
1445
  #
1395
1446
  class PutSecretValueRequest < Struct.new(
@@ -1397,8 +1448,9 @@ module Aws::SecretsManager
1397
1448
  :client_request_token,
1398
1449
  :secret_binary,
1399
1450
  :secret_string,
1400
- :version_stages)
1401
- SENSITIVE = [:secret_binary, :secret_string]
1451
+ :version_stages,
1452
+ :rotation_token)
1453
+ SENSITIVE = [:secret_binary, :secret_string, :rotation_token]
1402
1454
  include Aws::Structure
1403
1455
  end
1404
1456
 
@@ -2253,6 +2305,11 @@ module Aws::SecretsManager
2253
2305
  # both.
2254
2306
  #
2255
2307
  # You can't access this parameter in the Secrets Manager console.
2308
+ #
2309
+ # Sensitive: This field contains sensitive information, so the service
2310
+ # does not include it in CloudTrail log entries. If you create your
2311
+ # own log entries, you must also avoid logging the information in this
2312
+ # field.
2256
2313
  # @return [String]
2257
2314
  #
2258
2315
  # @!attribute [rw] secret_string
@@ -2262,6 +2319,11 @@ module Aws::SecretsManager
2262
2319
  #
2263
2320
  # Either `SecretBinary` or `SecretString` must have a value, but not
2264
2321
  # both.
2322
+ #
2323
+ # Sensitive: This field contains sensitive information, so the service
2324
+ # does not include it in CloudTrail log entries. If you create your
2325
+ # own log entries, you must also avoid logging the information in this
2326
+ # field.
2265
2327
  # @return [String]
2266
2328
  #
2267
2329
  # @see http://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/UpdateSecretRequest AWS API Documentation
@@ -2365,7 +2427,8 @@ module Aws::SecretsManager
2365
2427
  end
2366
2428
 
2367
2429
  # @!attribute [rw] secret_id
2368
- # This field is reserved for internal use.
2430
+ # The ARN or name of the secret with the resource-based policy you
2431
+ # want to validate.
2369
2432
  # @return [String]
2370
2433
  #
2371
2434
  # @!attribute [rw] resource_policy
@@ -52,6 +52,6 @@ require_relative 'aws-sdk-secretsmanager/customizations'
52
52
  # @!group service
53
53
  module Aws::SecretsManager
54
54
 
55
- GEM_VERSION = '1.95.0'
55
+ GEM_VERSION = '1.97.0'
56
56
 
57
57
  end
data/sig/client.rbs CHANGED
@@ -297,7 +297,8 @@ module Aws
297
297
  ?client_request_token: ::String,
298
298
  ?secret_binary: ::String,
299
299
  ?secret_string: ::String,
300
- ?version_stages: Array[::String]
300
+ ?version_stages: Array[::String],
301
+ ?rotation_token: ::String
301
302
  ) -> _PutSecretValueResponseSuccess
302
303
  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _PutSecretValueResponseSuccess
303
304
 
data/sig/types.rbs CHANGED
@@ -268,7 +268,8 @@ module Aws::SecretsManager
268
268
  attr_accessor secret_binary: ::String
269
269
  attr_accessor secret_string: ::String
270
270
  attr_accessor version_stages: ::Array[::String]
271
- SENSITIVE: [:secret_binary, :secret_string]
271
+ attr_accessor rotation_token: ::String
272
+ SENSITIVE: [:secret_binary, :secret_string, :rotation_token]
272
273
  end
273
274
 
274
275
  class PutSecretValueResponse
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-secretsmanager
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.95.0
4
+ version: 1.97.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-05-20 00:00:00.000000000 Z
11
+ date: 2024-06-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
19
19
  version: '3'
20
20
  - - ">="
21
21
  - !ruby/object:Gem::Version
22
- version: 3.193.0
22
+ version: 3.197.0
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
29
29
  version: '3'
30
30
  - - ">="
31
31
  - !ruby/object:Gem::Version
32
- version: 3.193.0
32
+ version: 3.197.0
33
33
  - !ruby/object:Gem::Dependency
34
34
  name: aws-sigv4
35
35
  requirement: !ruby/object:Gem::Requirement