npm - @aws-sdk/client-secrets-manager - Versions diffs - 3.235.0 → 3.237.0 - Mend

@aws-sdk/client-secrets-manager 3.235.0 → 3.237.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/README.md +2 -5
package/dist-cjs/endpoint/ruleset.js +3 -3
package/dist-es/endpoint/ruleset.js +3 -3
package/dist-types/SecretsManager.d.ts +12 -48
package/dist-types/SecretsManagerClient.d.ts +2 -19
package/dist-types/commands/CreateSecretCommand.d.ts +3 -0
package/dist-types/commands/GetResourcePolicyCommand.d.ts +1 -1
package/dist-types/commands/GetSecretValueCommand.d.ts +0 -1
package/dist-types/commands/RotateSecretCommand.d.ts +3 -22
package/dist-types/commands/TagResourceCommand.d.ts +2 -3
package/dist-types/commands/UpdateSecretCommand.d.ts +1 -2
package/dist-types/endpoint/EndpointParameters.d.ts +1 -1
package/dist-types/models/models_0.d.ts +7 -8
package/dist-types/ts3.4/endpoint/EndpointParameters.d.ts +1 -1
package/package.json +3 -3

package/README.md CHANGED Viewed

@@ -12,23 +12,20 @@ AWS SDK for JavaScript SecretsManager Client for Node.js, Browser and React Nati
 <fullname>Amazon Web Services Secrets Manager</fullname>
 <p>Amazon Web Services Secrets Manager provides a service to enable you to store, manage, and retrieve, secrets.</p>
 <p>This guide provides descriptions of the Secrets Manager API. For more information about using this
 service, see the <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/introduction.html">Amazon Web Services Secrets Manager User Guide</a>.</p>
 <p>
 <b>API Version</b>
 </p>
 <p>This version of the Secrets Manager API Reference documents the Secrets Manager API version 2017-10-17.</p>
+<p>For a list of endpoints, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/asm_access.html#endpoints">Amazon Web Services Secrets Manager
+endpoints</a>.</p>
 <p>
 <b>Support and Feedback for Amazon Web Services Secrets Manager</b>
 </p>
 <p>We welcome your feedback. Send your comments to <a href="mailto:awssecretsmanager-feedback@amazon.com">awssecretsmanager-feedback@amazon.com</a>, or post your feedback and questions in the <a href="http://forums.aws.amazon.com/forum.jspa?forumID=296">Amazon Web Services Secrets Manager Discussion Forum</a>. For more
 information about the Amazon Web Services Discussion Forums, see <a href="http://forums.aws.amazon.com/help.jspa">Forums
 Help</a>.</p>
 <p>
 <b>Logging API Requests</b>
 </p>

package/dist-cjs/endpoint/ruleset.js CHANGED Viewed

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ruleSet = void 0;
-const s = "fn", t = "argv", u = "ref";
-const a = false, b = true, c = "String", d = "Boolean", e = "PartitionResult", f = "tree", g = "error", h = "endpoint", i = { [u]: "Endpoint" }, j = { [s]: "booleanEquals", [t]: [{ [u]: "UseFIPS" }, true] }, k = { [s]: "booleanEquals", [t]: [{ [u]: "UseDualStack" }, true] }, l = {}, m = { [s]: "booleanEquals", [t]: [true, { [s]: "getAttr", [t]: [{ [u]: e }, "supportsFIPS"] }] }, n = { [s]: "booleanEquals", [t]: [true, { [s]: "getAttr", [t]: [{ [u]: e }, "supportsDualStack"] }] }, o = [i], p = [j], q = [], r = [k];
-const _data = { version: "1.0", parameters: { Region: { builtIn: "AWS::Region", required: a, documentation: "The AWS region used to dispatch the request.", type: c }, UseDualStack: { builtIn: "AWS::UseDualStack", required: b, default: a, documentation: "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", type: d }, UseFIPS: { builtIn: "AWS::UseFIPS", required: b, default: a, documentation: "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", type: d }, Endpoint: { builtIn: "SDK::Endpoint", required: a, documentation: "Override the endpoint used to send this request", type: c } }, rules: [{ conditions: [{ [s]: "aws.partition", [t]: [{ [u]: "Region" }], assign: e }], type: f, rules: [{ conditions: [{ [s]: "isSet", [t]: o }, { [s]: "parseURL", [t]: o, assign: "url" }], type: f, rules: [{ conditions: p, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: g }, { conditions: q, type: f, rules: [{ conditions: r, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: g }, { conditions: q, endpoint: { url: i, properties: l, headers: l }, type: h }] }] }, { conditions: [j, k], type: f, rules: [{ conditions: [m, n], type: f, rules: [{ conditions: q, endpoint: { url: "https://secretsmanager-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: l, headers: l }, type: h }] }, { conditions: q, error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: g }] }, { conditions: p, type: f, rules: [{ conditions: [m], type: f, rules: [{ conditions: q, type: f, rules: [{ conditions: q, endpoint: { url: "https://secretsmanager-fips.{Region}.{PartitionResult#dnsSuffix}", properties: l, headers: l }, type: h }] }] }, { conditions: q, error: "FIPS is enabled but this partition does not support FIPS", type: g }] }, { conditions: r, type: f, rules: [{ conditions: [n], type: f, rules: [{ conditions: q, endpoint: { url: "https://secretsmanager.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: l, headers: l }, type: h }] }, { conditions: q, error: "DualStack is enabled but this partition does not support DualStack", type: g }] }, { conditions: q, endpoint: { url: "https://secretsmanager.{Region}.{PartitionResult#dnsSuffix}", properties: l, headers: l }, type: h }] }] };
+const q = "fn", r = "argv", s = "ref";
+const a = true, b = false, c = "String", d = "PartitionResult", e = "tree", f = "error", g = "endpoint", h = { "required": true, "default": false, "type": "Boolean" }, i = { [s]: "Endpoint" }, j = { [q]: "booleanEquals", [r]: [{ [s]: "UseFIPS" }, true] }, k = { [q]: "booleanEquals", [r]: [{ [s]: "UseDualStack" }, true] }, l = {}, m = { [q]: "booleanEquals", [r]: [true, { [q]: "getAttr", [r]: [{ [s]: d }, "supportsFIPS"] }] }, n = { [q]: "booleanEquals", [r]: [true, { [q]: "getAttr", [r]: [{ [s]: d }, "supportsDualStack"] }] }, o = [j], p = [k];
+const _data = { version: "1.0", parameters: { Region: { required: a, type: c }, UseDualStack: h, UseFIPS: h, Endpoint: { required: b, type: c } }, rules: [{ conditions: [{ [q]: "aws.partition", [r]: [{ [s]: "Region" }], assign: d }], type: e, rules: [{ conditions: [{ [q]: "isSet", [r]: [i] }], type: e, rules: [{ conditions: o, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: f }, { type: e, rules: [{ conditions: p, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: f }, { endpoint: { url: i, properties: l, headers: l }, type: g }] }] }, { conditions: [j, k], type: e, rules: [{ conditions: [m, n], type: e, rules: [{ endpoint: { url: "https://secretsmanager-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: l, headers: l }, type: g }] }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: f }] }, { conditions: o, type: e, rules: [{ conditions: [m], type: e, rules: [{ type: e, rules: [{ endpoint: { url: "https://secretsmanager-fips.{Region}.{PartitionResult#dnsSuffix}", properties: l, headers: l }, type: g }] }] }, { error: "FIPS is enabled but this partition does not support FIPS", type: f }] }, { conditions: p, type: e, rules: [{ conditions: [n], type: e, rules: [{ endpoint: { url: "https://secretsmanager.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: l, headers: l }, type: g }] }, { error: "DualStack is enabled but this partition does not support DualStack", type: f }] }, { endpoint: { url: "https://secretsmanager.{Region}.{PartitionResult#dnsSuffix}", properties: l, headers: l }, type: g }] }] };
 exports.ruleSet = _data;

package/dist-es/endpoint/ruleset.js CHANGED Viewed

@@ -1,4 +1,4 @@
-const s = "fn", t = "argv", u = "ref";
-const a = false, b = true, c = "String", d = "Boolean", e = "PartitionResult", f = "tree", g = "error", h = "endpoint", i = { [u]: "Endpoint" }, j = { [s]: "booleanEquals", [t]: [{ [u]: "UseFIPS" }, true] }, k = { [s]: "booleanEquals", [t]: [{ [u]: "UseDualStack" }, true] }, l = {}, m = { [s]: "booleanEquals", [t]: [true, { [s]: "getAttr", [t]: [{ [u]: e }, "supportsFIPS"] }] }, n = { [s]: "booleanEquals", [t]: [true, { [s]: "getAttr", [t]: [{ [u]: e }, "supportsDualStack"] }] }, o = [i], p = [j], q = [], r = [k];
-const _data = { version: "1.0", parameters: { Region: { builtIn: "AWS::Region", required: a, documentation: "The AWS region used to dispatch the request.", type: c }, UseDualStack: { builtIn: "AWS::UseDualStack", required: b, default: a, documentation: "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", type: d }, UseFIPS: { builtIn: "AWS::UseFIPS", required: b, default: a, documentation: "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", type: d }, Endpoint: { builtIn: "SDK::Endpoint", required: a, documentation: "Override the endpoint used to send this request", type: c } }, rules: [{ conditions: [{ [s]: "aws.partition", [t]: [{ [u]: "Region" }], assign: e }], type: f, rules: [{ conditions: [{ [s]: "isSet", [t]: o }, { [s]: "parseURL", [t]: o, assign: "url" }], type: f, rules: [{ conditions: p, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: g }, { conditions: q, type: f, rules: [{ conditions: r, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: g }, { conditions: q, endpoint: { url: i, properties: l, headers: l }, type: h }] }] }, { conditions: [j, k], type: f, rules: [{ conditions: [m, n], type: f, rules: [{ conditions: q, endpoint: { url: "https://secretsmanager-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: l, headers: l }, type: h }] }, { conditions: q, error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: g }] }, { conditions: p, type: f, rules: [{ conditions: [m], type: f, rules: [{ conditions: q, type: f, rules: [{ conditions: q, endpoint: { url: "https://secretsmanager-fips.{Region}.{PartitionResult#dnsSuffix}", properties: l, headers: l }, type: h }] }] }, { conditions: q, error: "FIPS is enabled but this partition does not support FIPS", type: g }] }, { conditions: r, type: f, rules: [{ conditions: [n], type: f, rules: [{ conditions: q, endpoint: { url: "https://secretsmanager.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: l, headers: l }, type: h }] }, { conditions: q, error: "DualStack is enabled but this partition does not support DualStack", type: g }] }, { conditions: q, endpoint: { url: "https://secretsmanager.{Region}.{PartitionResult#dnsSuffix}", properties: l, headers: l }, type: h }] }] };
+const q = "fn", r = "argv", s = "ref";
+const a = true, b = false, c = "String", d = "PartitionResult", e = "tree", f = "error", g = "endpoint", h = { "required": true, "default": false, "type": "Boolean" }, i = { [s]: "Endpoint" }, j = { [q]: "booleanEquals", [r]: [{ [s]: "UseFIPS" }, true] }, k = { [q]: "booleanEquals", [r]: [{ [s]: "UseDualStack" }, true] }, l = {}, m = { [q]: "booleanEquals", [r]: [true, { [q]: "getAttr", [r]: [{ [s]: d }, "supportsFIPS"] }] }, n = { [q]: "booleanEquals", [r]: [true, { [q]: "getAttr", [r]: [{ [s]: d }, "supportsDualStack"] }] }, o = [j], p = [k];
+const _data = { version: "1.0", parameters: { Region: { required: a, type: c }, UseDualStack: h, UseFIPS: h, Endpoint: { required: b, type: c } }, rules: [{ conditions: [{ [q]: "aws.partition", [r]: [{ [s]: "Region" }], assign: d }], type: e, rules: [{ conditions: [{ [q]: "isSet", [r]: [i] }], type: e, rules: [{ conditions: o, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: f }, { type: e, rules: [{ conditions: p, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: f }, { endpoint: { url: i, properties: l, headers: l }, type: g }] }] }, { conditions: [j, k], type: e, rules: [{ conditions: [m, n], type: e, rules: [{ endpoint: { url: "https://secretsmanager-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: l, headers: l }, type: g }] }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: f }] }, { conditions: o, type: e, rules: [{ conditions: [m], type: e, rules: [{ type: e, rules: [{ endpoint: { url: "https://secretsmanager-fips.{Region}.{PartitionResult#dnsSuffix}", properties: l, headers: l }, type: g }] }] }, { error: "FIPS is enabled but this partition does not support FIPS", type: f }] }, { conditions: p, type: e, rules: [{ conditions: [n], type: e, rules: [{ endpoint: { url: "https://secretsmanager.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: l, headers: l }, type: g }] }, { error: "DualStack is enabled but this partition does not support DualStack", type: f }] }, { endpoint: { url: "https://secretsmanager.{Region}.{PartitionResult#dnsSuffix}", properties: l, headers: l }, type: g }] }] };
 export const ruleSet = _data;

package/dist-types/SecretsManager.d.ts CHANGED Viewed

@@ -25,37 +25,20 @@ import { SecretsManagerClient } from "./SecretsManagerClient";
 /**
  * <fullname>Amazon Web Services Secrets Manager</fullname>
  *          <p>Amazon Web Services Secrets Manager provides a service to enable you to store, manage, and retrieve, secrets.</p>
- *
  *          <p>This guide provides descriptions of the Secrets Manager API. For more information about using this
  *       service, see the <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/introduction.html">Amazon Web Services Secrets Manager User Guide</a>.</p>
- *
  *          <p>
  *             <b>API Version</b>
  *          </p>
- *
  *          <p>This version of the Secrets Manager API Reference documents the Secrets Manager API version 2017-10-17.</p>
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
+ *          <p>For a list of endpoints, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/asm_access.html#endpoints">Amazon Web Services Secrets Manager
+ *       endpoints</a>.</p>
  *          <p>
  *             <b>Support and Feedback for Amazon Web Services Secrets Manager</b>
  *          </p>
  *          <p>We welcome your feedback. Send your comments to <a href="mailto:awssecretsmanager-feedback@amazon.com">awssecretsmanager-feedback@amazon.com</a>, or post your feedback and questions in the <a href="http://forums.aws.amazon.com/forum.jspa?forumID=296">Amazon Web Services Secrets Manager Discussion Forum</a>. For more
  *       information about the Amazon Web Services Discussion Forums, see <a href="http://forums.aws.amazon.com/help.jspa">Forums
  *         Help</a>.</p>
- *
  *          <p>
  *             <b>Logging API Requests</b>
  *          </p>
@@ -99,6 +82,9 @@ export declare class SecretsManager extends SecretsManagerClient {
      *       includes the connection information to access a database or other service, which Secrets Manager
      *       doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the
      *       important information needed to manage the secret.</p>
+     *          <p>For secrets that use <i>managed rotation</i>, you need to create the secret through the managing service. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html">Secrets Manager secrets managed by other Amazon Web Services services</a>.
+     *
+     *     </p>
      *          <p>For information about creating a secret in the console, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html">Create a secret</a>.</p>
      *          <p>To create a secret, you can provide the secret value to be encrypted in either the
      *       <code>SecretString</code> parameter or the <code>SecretBinary</code> parameter, but not both.
@@ -212,7 +198,7 @@ export declare class SecretsManager extends SecretsManagerClient {
      *       secret. For more information about permissions policies attached to a secret, see
      *       <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-policies.html">Permissions
      *         policies attached to a secret</a>.</p>
-     *         <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html">Logging Secrets Manager events with CloudTrail</a>.</p>
+     *          <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html">Logging Secrets Manager events with CloudTrail</a>.</p>
      *          <p>
      *             <b>Required permissions: </b>
      *             <code>secretsmanager:GetResourcePolicy</code>.
@@ -232,7 +218,6 @@ export declare class SecretsManager extends SecretsManagerClient {
      *         your applications</a>.</p>
      *          <p>To retrieve the previous version of a secret, use <code>VersionStage</code> and specify
      *       AWSPREVIOUS. To revert to the previous version of a secret, call <a href="https://docs.aws.amazon.com/cli/latest/reference/secretsmanager/update-secret-version-stage.html">UpdateSecretVersionStage</a>.</p>
-     *
      *          <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html">Logging Secrets Manager events with CloudTrail</a>.</p>
      *          <p>
      *             <b>Required permissions: </b>
@@ -373,32 +358,13 @@ export declare class SecretsManager extends SecretsManagerClient {
     restoreSecret(args: RestoreSecretCommandInput, cb: (err: any, data?: RestoreSecretCommandOutput) => void): void;
     restoreSecret(args: RestoreSecretCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: RestoreSecretCommandOutput) => void): void;
     /**
-     * <p>Configures and starts the asynchronous process of rotating the secret. For more information about rotation,
-     *       see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html">Rotate secrets</a>.</p>
-     *          <p>If you include the
-     *       configuration parameters, the operation sets the values for the secret and then immediately
-     *       starts a rotation. If you don't include the configuration parameters, the operation starts a
-     *       rotation with the values already stored in the secret. </p>
-     *          <p>For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret, you must
-     *       make sure the secret value is in the
-     *         <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html"> JSON structure
-     *         of a database secret</a>. In particular, if you want to use the <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users"> alternating users strategy</a>, your secret must contain the ARN of a superuser
-     *       secret.</p>
-     *
-     *          <p>To configure rotation, you also need the ARN of an Amazon Web Services Lambda function and the schedule
-     *       for the rotation. The Lambda rotation function creates a new
-     *       version of the secret and creates or updates the credentials on the database or service to
-     *       match. After testing the new credentials, the function marks the new secret version with the staging
-     *       label <code>AWSCURRENT</code>. Then anyone who retrieves the secret gets the new version. For more
-     *       information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html">How rotation works</a>.</p>
-     *          <p>You can create the Lambda rotation function based on the <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html">rotation function templates</a> that Secrets Manager provides. Choose
-     *       a template that matches your <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html">Rotation strategy</a>.</p>
+     * <p>Configures and starts the asynchronous process of rotating the secret. For information about rotation,
+     *       see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html">Rotate secrets</a> in the <i>Secrets Manager User Guide</i>. If you include the configuration parameters, the operation sets the values for the secret and then immediately starts a rotation. If you don't include the configuration parameters, the operation starts a rotation with the values already stored in the secret. </p>
      *          <p>When rotation is successful, the <code>AWSPENDING</code> staging label might be attached
      *       to the same version as the <code>AWSCURRENT</code> version, or it might not be attached to any
      *       version. If the <code>AWSPENDING</code> staging label is present but not attached to the same
      *       version as <code>AWSCURRENT</code>, then any later invocation of <code>RotateSecret</code>
-     *       assumes that a previous rotation request is still in progress and returns an error.</p>
-     *          <p>When rotation is unsuccessful, the <code>AWSPENDING</code> staging label might be attached to an empty secret version. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html">Troubleshoot rotation</a> in the <i>Secrets Manager User Guide</i>.</p>
+     *       assumes that a previous rotation request is still in progress and returns an error. When rotation is unsuccessful, the <code>AWSPENDING</code> staging label might be attached to an empty secret version. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html">Troubleshoot rotation</a> in the <i>Secrets Manager User Guide</i>.</p>
      *          <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html">Logging Secrets Manager events with CloudTrail</a>.</p>
      *          <p>
      *             <b>Required permissions: </b>
@@ -429,8 +395,8 @@ export declare class SecretsManager extends SecretsManagerClient {
     /**
      * <p>Attaches tags to a secret. Tags consist of a key name and a value. Tags are part of the
      *       secret's metadata. They are not associated with specific versions of the secret. This operation appends tags to the existing list of tags.</p>
-     *             <p>The following restrictions apply to tags:</p>
-     *         <ul>
+     *          <p>The following restrictions apply to tags:</p>
+     *          <ul>
      *             <li>
      *                <p>Maximum number of tags per secret: 50</p>
      *             </li>
@@ -455,7 +421,6 @@ export declare class SecretsManager extends SecretsManagerClient {
      *               following special characters: + - = . _ : / @.</p>
      *             </li>
      *          </ul>
-     *
      *          <important>
      *             <p>If you use tags as part of your security strategy, then adding or removing a tag can
      *         change permissions. If successfully completing this operation would result in you losing
@@ -497,7 +462,7 @@ export declare class SecretsManager extends SecretsManagerClient {
     /**
      * <p>Modifies the details of a secret, including metadata and the secret value. To change the secret value, you can also use <a>PutSecretValue</a>.</p>
      *          <p>To change the rotation configuration of a secret, use <a>RotateSecret</a> instead.</p>
-     *
+     *          <p>To change a secret so that it is managed by another service, you need to recreate the secret in that service. See <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html">Secrets Manager secrets managed by other Amazon Web Services services</a>.</p>
      *          <p>We recommend you avoid calling <code>UpdateSecret</code> at a sustained rate of more than
      *       once every 10 minutes. When you call <code>UpdateSecret</code> to update the secret value, Secrets Manager creates a new version
      *       of the secret. Secrets Manager removes outdated versions when there are more than 100, but it does not
@@ -508,7 +473,6 @@ export declare class SecretsManager extends SecretsManagerClient {
      *       secret version, Secrets Manager automatically moves the staging label <code>AWSCURRENT</code> to the new
      *       version. Then it attaches the label <code>AWSPREVIOUS</code>
      *         to the version that <code>AWSCURRENT</code> was removed from.</p>
-     *
      *          <p>If you call this operation with a <code>ClientRequestToken</code> that matches an existing version's
      *       <code>VersionId</code>, the operation results in an error. You can't modify an existing
      *       version, you can only create a new version. To remove a version, remove all staging labels from it. See

package/dist-types/SecretsManagerClient.d.ts CHANGED Viewed

@@ -147,37 +147,20 @@ export interface SecretsManagerClientResolvedConfig extends SecretsManagerClient
 /**
  * <fullname>Amazon Web Services Secrets Manager</fullname>
  *          <p>Amazon Web Services Secrets Manager provides a service to enable you to store, manage, and retrieve, secrets.</p>
- *
  *          <p>This guide provides descriptions of the Secrets Manager API. For more information about using this
  *       service, see the <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/introduction.html">Amazon Web Services Secrets Manager User Guide</a>.</p>
- *
  *          <p>
  *             <b>API Version</b>
  *          </p>
- *
  *          <p>This version of the Secrets Manager API Reference documents the Secrets Manager API version 2017-10-17.</p>
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
- *
+ *          <p>For a list of endpoints, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/asm_access.html#endpoints">Amazon Web Services Secrets Manager
+ *       endpoints</a>.</p>
  *          <p>
  *             <b>Support and Feedback for Amazon Web Services Secrets Manager</b>
  *          </p>
  *          <p>We welcome your feedback. Send your comments to <a href="mailto:awssecretsmanager-feedback@amazon.com">awssecretsmanager-feedback@amazon.com</a>, or post your feedback and questions in the <a href="http://forums.aws.amazon.com/forum.jspa?forumID=296">Amazon Web Services Secrets Manager Discussion Forum</a>. For more
  *       information about the Amazon Web Services Discussion Forums, see <a href="http://forums.aws.amazon.com/help.jspa">Forums
  *         Help</a>.</p>
- *
  *          <p>
  *             <b>Logging API Requests</b>
  *          </p>

package/dist-types/commands/CreateSecretCommand.d.ts CHANGED Viewed

@@ -14,6 +14,9 @@ export interface CreateSecretCommandOutput extends CreateSecretResponse, __Metad
  *       includes the connection information to access a database or other service, which Secrets Manager
  *       doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the
  *       important information needed to manage the secret.</p>
+ *          <p>For secrets that use <i>managed rotation</i>, you need to create the secret through the managing service. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html">Secrets Manager secrets managed by other Amazon Web Services services</a>.
+ *
+ *     </p>
  *          <p>For information about creating a secret in the console, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html">Create a secret</a>.</p>
  *          <p>To create a secret, you can provide the secret value to be encrypted in either the
  *       <code>SecretString</code> parameter or the <code>SecretBinary</code> parameter, but not both.

package/dist-types/commands/GetResourcePolicyCommand.d.ts CHANGED Viewed

@@ -12,7 +12,7 @@ export interface GetResourcePolicyCommandOutput extends GetResourcePolicyRespons
  *       secret. For more information about permissions policies attached to a secret, see
  *       <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-policies.html">Permissions
  *         policies attached to a secret</a>.</p>
- *         <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html">Logging Secrets Manager events with CloudTrail</a>.</p>
+ *          <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html">Logging Secrets Manager events with CloudTrail</a>.</p>
  *          <p>
  *             <b>Required permissions: </b>
  *             <code>secretsmanager:GetResourcePolicy</code>.

package/dist-types/commands/GetSecretValueCommand.d.ts CHANGED Viewed

@@ -16,7 +16,6 @@ export interface GetSecretValueCommandOutput extends GetSecretValueResponse, __M
  *         your applications</a>.</p>
  *          <p>To retrieve the previous version of a secret, use <code>VersionStage</code> and specify
  *       AWSPREVIOUS. To revert to the previous version of a secret, call <a href="https://docs.aws.amazon.com/cli/latest/reference/secretsmanager/update-secret-version-stage.html">UpdateSecretVersionStage</a>.</p>
- *
  *          <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html">Logging Secrets Manager events with CloudTrail</a>.</p>
  *          <p>
  *             <b>Required permissions: </b>

package/dist-types/commands/RotateSecretCommand.d.ts CHANGED Viewed

@@ -8,32 +8,13 @@ export interface RotateSecretCommandInput extends RotateSecretRequest {
 export interface RotateSecretCommandOutput extends RotateSecretResponse, __MetadataBearer {
 }
 /**
- * <p>Configures and starts the asynchronous process of rotating the secret. For more information about rotation,
- *       see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html">Rotate secrets</a>.</p>
- *          <p>If you include the
- *       configuration parameters, the operation sets the values for the secret and then immediately
- *       starts a rotation. If you don't include the configuration parameters, the operation starts a
- *       rotation with the values already stored in the secret. </p>
- *          <p>For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret, you must
- *       make sure the secret value is in the
- *         <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html"> JSON structure
- *         of a database secret</a>. In particular, if you want to use the <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users"> alternating users strategy</a>, your secret must contain the ARN of a superuser
- *       secret.</p>
- *
- *          <p>To configure rotation, you also need the ARN of an Amazon Web Services Lambda function and the schedule
- *       for the rotation. The Lambda rotation function creates a new
- *       version of the secret and creates or updates the credentials on the database or service to
- *       match. After testing the new credentials, the function marks the new secret version with the staging
- *       label <code>AWSCURRENT</code>. Then anyone who retrieves the secret gets the new version. For more
- *       information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html">How rotation works</a>.</p>
- *          <p>You can create the Lambda rotation function based on the <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html">rotation function templates</a> that Secrets Manager provides. Choose
- *       a template that matches your <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html">Rotation strategy</a>.</p>
+ * <p>Configures and starts the asynchronous process of rotating the secret. For information about rotation,
+ *       see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html">Rotate secrets</a> in the <i>Secrets Manager User Guide</i>. If you include the configuration parameters, the operation sets the values for the secret and then immediately starts a rotation. If you don't include the configuration parameters, the operation starts a rotation with the values already stored in the secret. </p>
  *          <p>When rotation is successful, the <code>AWSPENDING</code> staging label might be attached
  *       to the same version as the <code>AWSCURRENT</code> version, or it might not be attached to any
  *       version. If the <code>AWSPENDING</code> staging label is present but not attached to the same
  *       version as <code>AWSCURRENT</code>, then any later invocation of <code>RotateSecret</code>
- *       assumes that a previous rotation request is still in progress and returns an error.</p>
- *          <p>When rotation is unsuccessful, the <code>AWSPENDING</code> staging label might be attached to an empty secret version. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html">Troubleshoot rotation</a> in the <i>Secrets Manager User Guide</i>.</p>
+ *       assumes that a previous rotation request is still in progress and returns an error. When rotation is unsuccessful, the <code>AWSPENDING</code> staging label might be attached to an empty secret version. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html">Troubleshoot rotation</a> in the <i>Secrets Manager User Guide</i>.</p>
  *          <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html">Logging Secrets Manager events with CloudTrail</a>.</p>
  *          <p>
  *             <b>Required permissions: </b>

package/dist-types/commands/TagResourceCommand.d.ts CHANGED Viewed

@@ -10,8 +10,8 @@ export interface TagResourceCommandOutput extends __MetadataBearer {
 /**
  * <p>Attaches tags to a secret. Tags consist of a key name and a value. Tags are part of the
  *       secret's metadata. They are not associated with specific versions of the secret. This operation appends tags to the existing list of tags.</p>
- *             <p>The following restrictions apply to tags:</p>
- *         <ul>
+ *          <p>The following restrictions apply to tags:</p>
+ *          <ul>
  *             <li>
  *                <p>Maximum number of tags per secret: 50</p>
  *             </li>
@@ -36,7 +36,6 @@ export interface TagResourceCommandOutput extends __MetadataBearer {
  *               following special characters: + - = . _ : / @.</p>
  *             </li>
  *          </ul>
- *
  *          <important>
  *             <p>If you use tags as part of your security strategy, then adding or removing a tag can
  *         change permissions. If successfully completing this operation would result in you losing

package/dist-types/commands/UpdateSecretCommand.d.ts CHANGED Viewed

@@ -10,7 +10,7 @@ export interface UpdateSecretCommandOutput extends UpdateSecretResponse, __Metad
 /**
  * <p>Modifies the details of a secret, including metadata and the secret value. To change the secret value, you can also use <a>PutSecretValue</a>.</p>
  *          <p>To change the rotation configuration of a secret, use <a>RotateSecret</a> instead.</p>
- *
+ *          <p>To change a secret so that it is managed by another service, you need to recreate the secret in that service. See <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html">Secrets Manager secrets managed by other Amazon Web Services services</a>.</p>
  *          <p>We recommend you avoid calling <code>UpdateSecret</code> at a sustained rate of more than
  *       once every 10 minutes. When you call <code>UpdateSecret</code> to update the secret value, Secrets Manager creates a new version
  *       of the secret. Secrets Manager removes outdated versions when there are more than 100, but it does not
@@ -21,7 +21,6 @@ export interface UpdateSecretCommandOutput extends UpdateSecretResponse, __Metad
  *       secret version, Secrets Manager automatically moves the staging label <code>AWSCURRENT</code> to the new
  *       version. Then it attaches the label <code>AWSPREVIOUS</code>
  *         to the version that <code>AWSCURRENT</code> was removed from.</p>
- *
  *          <p>If you call this operation with a <code>ClientRequestToken</code> that matches an existing version's
  *       <code>VersionId</code>, the operation results in an error. You can't modify an existing
  *       version, you can only create a new version. To remove a version, remove all staging labels from it. See

package/dist-types/endpoint/EndpointParameters.d.ts CHANGED Viewed

@@ -12,7 +12,7 @@ export declare const resolveClientEndpointParameters: <T>(options: T & ClientInp
     defaultSigningName: string;
 };
 export interface EndpointParameters extends __EndpointParameters {
-    Region?: string;
+    Region: string;
     UseDualStack?: boolean;
     UseFIPS?: boolean;
     Endpoint?: string;

package/dist-types/models/models_0.d.ts CHANGED Viewed

@@ -120,7 +120,6 @@ export interface CreateSecretRequest {
      * <p>The name of the new secret.</p>
      *          <p>The secret name can contain ASCII letters, numbers, and the following characters:
      *       /_+=.@-</p>
-     *
      *          <p>Do not end your secret name with a hyphen followed by six characters. If you do so, you
      *         risk confusion and unexpected results when searching for a secret by partial ARN. Secrets Manager
      *         automatically adds a hyphen and six random characters after the secret name at the end of the ARN.</p>
@@ -216,8 +215,8 @@ export interface CreateSecretRequest {
      *       JSON parameter for the various command line tool environments, see <a href="https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json">Using JSON for
      *         Parameters</a>. If your command-line tool or SDK requires quotation marks around the parameter, you should
      *       use single quotes to avoid confusion with the double quotes required in the JSON text.</p>
-     *             <p>The following restrictions apply to tags:</p>
-     *         <ul>
+     *          <p>The following restrictions apply to tags:</p>
+     *          <ul>
      *             <li>
      *                <p>Maximum number of tags per secret: 50</p>
      *             </li>
@@ -1261,7 +1260,8 @@ export interface RotateSecretRequest {
      */
     ClientRequestToken?: string;
     /**
-     * <p>The ARN of the Lambda rotation function that can rotate the secret.</p>
+     * <p>For secrets that use a Lambda rotation function to rotate, the ARN of the Lambda rotation function. </p>
+     *          <p>For secrets that use <i>managed rotation</i>, omit this field. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_managed.html">Managed rotation</a> in the <i>Secrets Manager User Guide</i>.</p>
      */
     RotationLambdaARN?: string;
     /**
@@ -1271,7 +1271,7 @@ export interface RotateSecretRequest {
     /**
      * <p>Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window.
      *     The rotation schedule is defined in <a>RotateSecretRequest$RotationRules</a>.</p>
-     *          <p>If you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the
+     *          <p>For secrets that use a Lambda rotation function to rotate, if you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the
      *     <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html">
      *                <code>testSecret</code>
      *       step</a> of the Lambda rotation function. The test creates an <code>AWSPENDING</code> version of the secret and then removes it.</p>
@@ -1316,7 +1316,6 @@ export interface TagResourceRequest {
     /**
      * <p>The tags to attach to the secret as a JSON text string argument. Each element in the list consists of a <code>Key</code>
      *       and a <code>Value</code>.</p>
-     *
      *          <p>For storing multiple values, we recommend that you use a JSON text
      *     string argument and specify key/value pairs. For more information, see <a href="https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html">Specifying parameter values for the Amazon Web Services CLI</a>
      *     in the Amazon Web Services CLI User Guide.</p>
@@ -1371,9 +1370,9 @@ export interface UpdateSecretRequest {
      *       uses to encrypt new secret versions as well as any existing versions with the staging labels
      *       <code>AWSCURRENT</code>, <code>AWSPENDING</code>, or <code>AWSPREVIOUS</code>.
      *       For more information about versions and staging labels, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version">Concepts: Version</a>.</p>
-     *         <p>A key alias is always prefixed by <code>alias/</code>, for example <code>alias/aws/secretsmanager</code>.
+     *          <p>A key alias is always prefixed by <code>alias/</code>, for example <code>alias/aws/secretsmanager</code>.
      *           For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html">About aliases</a>.</p>
-     *           <p>If you set this to an empty string, Secrets Manager uses the Amazon Web Services managed key
+     *          <p>If you set this to an empty string, Secrets Manager uses the Amazon Web Services managed key
      *           <code>aws/secretsmanager</code>. If this key doesn't already exist in your account, then Secrets Manager
      *           creates it for you automatically. All users and roles in the Amazon Web Services account automatically have access
      *           to use <code>aws/secretsmanager</code>. Creating <code>aws/secretsmanager</code> can result in a one-time

package/dist-types/ts3.4/endpoint/EndpointParameters.d.ts CHANGED Viewed

@@ -27,7 +27,7 @@ export declare const resolveClientEndpointParameters: <T>(
     defaultSigningName: string;
   };
 export interface EndpointParameters extends __EndpointParameters {
-  Region?: string;
+  Region: string;
   UseDualStack?: boolean;
   UseFIPS?: boolean;
   Endpoint?: string;

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-secrets-manager",
   "description": "AWS SDK for JavaScript Secrets Manager Client for Node.js, Browser and React Native",
-  "version": "3.235.0",
+  "version": "3.237.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "tsc -p tsconfig.cjs.json",
@@ -19,9 +19,9 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "2.0.0",
     "@aws-crypto/sha256-js": "2.0.0",
-    "@aws-sdk/client-sts": "3.235.0",
+    "@aws-sdk/client-sts": "3.236.0",
     "@aws-sdk/config-resolver": "3.234.0",
-    "@aws-sdk/credential-provider-node": "3.235.0",
+    "@aws-sdk/credential-provider-node": "3.236.0",
     "@aws-sdk/fetch-http-handler": "3.226.0",
     "@aws-sdk/hash-node": "3.226.0",
     "@aws-sdk/invalid-dependency": "3.226.0",