@aws-sdk/client-secrets-manager 3.36.0 → 3.39.0

package/dist-types/ts3.4/commands/StopReplicationToReplicaCommand.d.ts

@@ -6,29 +6,11 @@ export interface StopReplicationToReplicaCommandInput extends StopReplicationToR
 }
 export interface StopReplicationToReplicaCommandOutput extends StopReplicationToReplicaResponse, __MetadataBearer {
 }
-/**
- * <p>Removes the secret from replication and promotes the secret to a regional secret in the replica Region.</p>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { SecretsManagerClient, StopReplicationToReplicaCommand } from "@aws-sdk/client-secrets-manager"; // ES Modules import
- * // const { SecretsManagerClient, StopReplicationToReplicaCommand } = require("@aws-sdk/client-secrets-manager"); // CommonJS import
- * const client = new SecretsManagerClient(config);
- * const command = new StopReplicationToReplicaCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link StopReplicationToReplicaCommandInput} for command's `input` shape.
- * @see {@link StopReplicationToReplicaCommandOutput} for command's `response` shape.
- * @see {@link SecretsManagerClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class StopReplicationToReplicaCommand extends $Command<StopReplicationToReplicaCommandInput, StopReplicationToReplicaCommandOutput, SecretsManagerClientResolvedConfig> {
     readonly input: StopReplicationToReplicaCommandInput;
     constructor(input: StopReplicationToReplicaCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: SecretsManagerClientResolvedConfig, options?: __HttpHandlerOptions): Handler<StopReplicationToReplicaCommandInput, StopReplicationToReplicaCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/TagResourceCommand.d.ts

@@ -6,84 +6,11 @@ export interface TagResourceCommandInput extends TagResourceRequest {
 }
 export interface TagResourceCommandOutput extends __MetadataBearer {
 }
-/**
- * <p>Attaches one or more tags, each consisting of a key name and a value, to the specified
- *       secret. Tags are part of the secret's overall metadata, and are not associated with any
- *       specific version of the secret. This operation only appends tags to the existing list of tags.
- *       To remove tags, you must use <a>UntagResource</a>.</p>
- *          <p>The following basic restrictions apply to tags:</p>
- *         <ul>
- *             <li>
- *                <p>Maximum number of tags per secret—50</p>
- *             </li>
- *             <li>
- *                <p>Maximum key length—127 Unicode characters in UTF-8</p>
- *             </li>
- *             <li>
- *                <p>Maximum value length—255 Unicode characters in UTF-8</p>
- *             </li>
- *             <li>
- *                <p>Tag keys and values are case sensitive.</p>
- *             </li>
- *             <li>
- *                <p>Do not use the <code>aws:</code> prefix in your tag names or values because Amazon Web Services reserves it
- *             for Amazon Web Services use. You can't edit or delete tag names or values with this
- *               prefix. Tags with this prefix do not count against your tags per secret limit.</p>
- *             </li>
- *             <li>
- *                <p>If you use your tagging schema across multiple services and resources,
- *               remember other services might have restrictions on allowed characters. Generally
- *               allowed characters: letters, spaces, and numbers representable in UTF-8, plus the
- *               following special characters: + - = . _ : / @.</p>
- *             </li>
- *          </ul>
- *          <important>
- *             <p>If you use tags as part of your security strategy, then adding or removing a tag can
- *         change permissions. If successfully completing this operation would result in you losing
- *         your permissions for this secret, then the operation is blocked and returns an Access Denied
- *         error.</p>
- *          </important>
- *          <p>
- *             <b>Minimum permissions</b>
- *          </p>
- *          <p>To run this command, you must have the following permissions:</p>
- *          <ul>
- *             <li>
- *                <p>secretsmanager:TagResource</p>
- *             </li>
- *          </ul>
- *          <p>
- *             <b>Related operations</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>To remove one or more tags from the collection attached to a secret, use <a>UntagResource</a>.</p>
- *             </li>
- *             <li>
- *                <p>To view the list of tags attached to a secret, use <a>DescribeSecret</a>.</p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { SecretsManagerClient, TagResourceCommand } from "@aws-sdk/client-secrets-manager"; // ES Modules import
- * // const { SecretsManagerClient, TagResourceCommand } = require("@aws-sdk/client-secrets-manager"); // CommonJS import
- * const client = new SecretsManagerClient(config);
- * const command = new TagResourceCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link TagResourceCommandInput} for command's `input` shape.
- * @see {@link TagResourceCommandOutput} for command's `response` shape.
- * @see {@link SecretsManagerClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class TagResourceCommand extends $Command<TagResourceCommandInput, TagResourceCommandOutput, SecretsManagerClientResolvedConfig> {
     readonly input: TagResourceCommandInput;
     constructor(input: TagResourceCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: SecretsManagerClientResolvedConfig, options?: __HttpHandlerOptions): Handler<TagResourceCommandInput, TagResourceCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/UntagResourceCommand.d.ts

@@ -6,57 +6,11 @@ export interface UntagResourceCommandInput extends UntagResourceRequest {
 }
 export interface UntagResourceCommandOutput extends __MetadataBearer {
 }
-/**
- * <p>Removes one or more tags from the specified secret.</p>
- *          <p>This operation is idempotent. If a requested tag is not attached to the secret, no error
- *       is returned and the secret metadata is unchanged.</p>
- *          <important>
- *             <p>If you use tags as part of your security strategy, then removing a tag can change
- *         permissions. If successfully completing this operation would result in you losing your
- *         permissions for this secret, then the operation is blocked and returns an Access Denied
- *         error.</p>
- *          </important>
- *          <p>
- *             <b>Minimum permissions</b>
- *          </p>
- *          <p>To run this command, you must have the following permissions:</p>
- *          <ul>
- *             <li>
- *                <p>secretsmanager:UntagResource</p>
- *             </li>
- *          </ul>
- *          <p>
- *             <b>Related operations</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>To add one or more tags to the collection attached to a secret, use <a>TagResource</a>.</p>
- *             </li>
- *             <li>
- *                <p>To view the list of tags attached to a secret, use <a>DescribeSecret</a>.</p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { SecretsManagerClient, UntagResourceCommand } from "@aws-sdk/client-secrets-manager"; // ES Modules import
- * // const { SecretsManagerClient, UntagResourceCommand } = require("@aws-sdk/client-secrets-manager"); // CommonJS import
- * const client = new SecretsManagerClient(config);
- * const command = new UntagResourceCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link UntagResourceCommandInput} for command's `input` shape.
- * @see {@link UntagResourceCommandOutput} for command's `response` shape.
- * @see {@link SecretsManagerClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class UntagResourceCommand extends $Command<UntagResourceCommandInput, UntagResourceCommandOutput, SecretsManagerClientResolvedConfig> {
     readonly input: UntagResourceCommandInput;
     constructor(input: UntagResourceCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: SecretsManagerClientResolvedConfig, options?: __HttpHandlerOptions): Handler<UntagResourceCommandInput, UntagResourceCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/UpdateSecretCommand.d.ts

@@ -6,113 +6,11 @@ export interface UpdateSecretCommandInput extends UpdateSecretRequest {
 }
 export interface UpdateSecretCommandOutput extends UpdateSecretResponse, __MetadataBearer {
 }
-/**
- * <p>Modifies many of the details of the specified secret. If you include a
- *         <code>ClientRequestToken</code> and <i>either</i>
- *             <code>SecretString</code> or <code>SecretBinary</code> then it also creates a new version
- *       attached to the secret.</p>
- *          <p>To modify the rotation configuration of a secret, use <a>RotateSecret</a>
- *       instead.</p>
- *          <note>
- *             <p>The Secrets Manager console uses only the <code>SecretString</code> parameter and therefore limits
- *         you to encrypting and storing only a text string. To encrypt and store binary data as part
- *         of the version of a secret, you must use either the Amazon Web Services CLI or one of the Amazon Web Services
- *         SDKs.</p>
- *          </note>
- *          <ul>
- *             <li>
- *                <p>If a version with a <code>VersionId</code> with the same value as the
- *             <code>ClientRequestToken</code> parameter already exists, the operation results in an
- *           error. You cannot modify an existing version, you can only create a new version.</p>
- *             </li>
- *             <li>
- *                <p>If you include <code>SecretString</code> or <code>SecretBinary</code> to create a new
- *           secret version, Secrets Manager automatically attaches the staging label <code>AWSCURRENT</code> to the new
- *           version. </p>
- *             </li>
- *          </ul>
- *          <note>
- *             <ul>
- *                <li>
- *                   <p>If you call an operation to encrypt or decrypt the <code>SecretString</code>
- *           or <code>SecretBinary</code> for a secret in the same account as the calling user and that
- *           secret doesn't specify a Amazon Web Services KMS encryption key, Secrets Manager uses the account's default
- *           Amazon Web Services managed customer master key (CMK) with the alias <code>aws/secretsmanager</code>. If this key
- *           doesn't already exist in your account then Secrets Manager creates it for you automatically. All
- *           users and roles in the same Amazon Web Services account automatically have access to use the default CMK.
- *           Note that if an Secrets Manager API call results in Amazon Web Services creating the account's
- *           Amazon Web Services-managed CMK, it can result in a one-time significant delay in returning the
- *           result.</p>
- *                </li>
- *                <li>
- *                   <p>If the secret resides in a different Amazon Web Services account from the credentials calling an API that
- *           requires encryption or decryption of the secret value then you must create and use a custom
- *           Amazon Web Services KMS CMK because you can't access the default CMK for the account using credentials
- *           from a different Amazon Web Services account. Store the ARN of the CMK in the secret when you create the
- *           secret or when you update it by including it in the <code>KMSKeyId</code>. If you call an
- *           API that must encrypt or decrypt <code>SecretString</code> or <code>SecretBinary</code>
- *           using credentials from a different account then the Amazon Web Services KMS key policy must grant cross-account
- *           access to that other account's user or role for both the kms:GenerateDataKey and
- *           kms:Decrypt operations.</p>
- *                </li>
- *             </ul>
- *          </note>
- *          <p>
- *             <b>Minimum permissions</b>
- *          </p>
- *          <p>To run this command, you must have the following permissions:</p>
- *          <ul>
- *             <li>
- *                <p>secretsmanager:UpdateSecret</p>
- *             </li>
- *             <li>
- *                <p>kms:GenerateDataKey - needed only if you use a custom Amazon Web Services KMS key to encrypt the secret.
- *           You do not need this permission to use the account's Amazon Web Services managed CMK for
- *           Secrets Manager.</p>
- *             </li>
- *             <li>
- *                <p>kms:Decrypt - needed only if you use a custom Amazon Web Services KMS key to encrypt the secret. You do
- *           not need this permission to use the account's Amazon Web Services managed CMK for Secrets Manager.</p>
- *             </li>
- *          </ul>
- *          <p>
- *             <b>Related operations</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>To create a new secret, use <a>CreateSecret</a>.</p>
- *             </li>
- *             <li>
- *                <p>To add only a new version to an existing secret, use <a>PutSecretValue</a>.</p>
- *             </li>
- *             <li>
- *                <p>To get the details for a secret, use <a>DescribeSecret</a>.</p>
- *             </li>
- *             <li>
- *                <p>To list the versions contained in a secret, use <a>ListSecretVersionIds</a>.</p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { SecretsManagerClient, UpdateSecretCommand } from "@aws-sdk/client-secrets-manager"; // ES Modules import
- * // const { SecretsManagerClient, UpdateSecretCommand } = require("@aws-sdk/client-secrets-manager"); // CommonJS import
- * const client = new SecretsManagerClient(config);
- * const command = new UpdateSecretCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link UpdateSecretCommandInput} for command's `input` shape.
- * @see {@link UpdateSecretCommandOutput} for command's `response` shape.
- * @see {@link SecretsManagerClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class UpdateSecretCommand extends $Command<UpdateSecretCommandInput, UpdateSecretCommandOutput, SecretsManagerClientResolvedConfig> {
     readonly input: UpdateSecretCommandInput;
     constructor(input: UpdateSecretCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: SecretsManagerClientResolvedConfig, options?: __HttpHandlerOptions): Handler<UpdateSecretCommandInput, UpdateSecretCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/UpdateSecretVersionStageCommand.d.ts

@@ -6,65 +6,11 @@ export interface UpdateSecretVersionStageCommandInput extends UpdateSecretVersio
 }
 export interface UpdateSecretVersionStageCommandOutput extends UpdateSecretVersionStageResponse, __MetadataBearer {
 }
-/**
- * <p>Modifies the staging labels attached to a version of a secret. Staging labels are used to
- *       track a version as it progresses through the secret rotation process. You can attach a staging
- *       label to only one version of a secret at a time. If a staging label to be added is already
- *       attached to another version, then it is moved--removed from the other version first and
- *       then attached to this one. For more information about staging labels, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/terms-concepts.html#term_staging-label">Staging
- *         Labels</a> in the <i>Amazon Web Services Secrets Manager User Guide</i>. </p>
- *          <p>The staging labels that you specify in the <code>VersionStage</code> parameter are added
- *       to the existing list of staging labels--they don't replace it.</p>
- *          <p>You can move the <code>AWSCURRENT</code> staging label to this version by including it in this
- *       call.</p>
- *          <note>
- *             <p>Whenever you move <code>AWSCURRENT</code>, Secrets Manager automatically moves the label <code>AWSPREVIOUS</code>
- *         to the version that <code>AWSCURRENT</code> was removed from.</p>
- *          </note>
- *          <p>If this action results in the last label being removed from a version, then the version is
- *       considered to be 'deprecated' and can be deleted by Secrets Manager.</p>
- *          <p>
- *             <b>Minimum permissions</b>
- *          </p>
- *          <p>To run this command, you must have the following permissions:</p>
- *          <ul>
- *             <li>
- *                <p>secretsmanager:UpdateSecretVersionStage</p>
- *             </li>
- *          </ul>
- *          <p>
- *             <b>Related operations</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>To get the list of staging labels that are currently associated with a version of a
- *           secret, use <code>
- *                      <a>DescribeSecret</a>
- *                   </code> and examine the
- *             <code>SecretVersionsToStages</code> response value. </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { SecretsManagerClient, UpdateSecretVersionStageCommand } from "@aws-sdk/client-secrets-manager"; // ES Modules import
- * // const { SecretsManagerClient, UpdateSecretVersionStageCommand } = require("@aws-sdk/client-secrets-manager"); // CommonJS import
- * const client = new SecretsManagerClient(config);
- * const command = new UpdateSecretVersionStageCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link UpdateSecretVersionStageCommandInput} for command's `input` shape.
- * @see {@link UpdateSecretVersionStageCommandOutput} for command's `response` shape.
- * @see {@link SecretsManagerClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class UpdateSecretVersionStageCommand extends $Command<UpdateSecretVersionStageCommandInput, UpdateSecretVersionStageCommandOutput, SecretsManagerClientResolvedConfig> {
     readonly input: UpdateSecretVersionStageCommandInput;
     constructor(input: UpdateSecretVersionStageCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: SecretsManagerClientResolvedConfig, options?: __HttpHandlerOptions): Handler<UpdateSecretVersionStageCommandInput, UpdateSecretVersionStageCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/ValidateResourcePolicyCommand.d.ts

@@ -6,63 +6,11 @@ export interface ValidateResourcePolicyCommandInput extends ValidateResourcePoli
 }
 export interface ValidateResourcePolicyCommandOutput extends ValidateResourcePolicyResponse, __MetadataBearer {
 }
-/**
- * <p>Validates that the resource policy does not grant a wide range of IAM principals access to
- *       your secret. The JSON request string input and response output displays formatted code
- *       with white space and line breaks for better readability. Submit your input as a single line
- *       JSON string. A resource-based policy is optional for secrets.</p>
- *          <p>The API performs three checks when validating the secret:</p>
- *          <ul>
- *             <li>
- *                <p>Sends a call to <a href="https://aws.amazon.com/blogs/security/protect-sensitive-data-in-the-cloud-with-automated-reasoning-zelkova/">Zelkova</a>, an automated reasoning engine, to ensure your Resource Policy does not
- *           allow broad access to your secret.</p>
- *             </li>
- *             <li>
- *                <p>Checks for correct syntax in a policy.</p>
- *             </li>
- *             <li>
- *                <p>Verifies the policy does not lock out a caller.</p>
- *             </li>
- *          </ul>
- *
- *
- *          <p>
- *             <b>Minimum Permissions</b>
- *          </p>
- *          <p>You must have the permissions required to access the following APIs:</p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <code>secretsmanager:PutResourcePolicy</code>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <code>secretsmanager:ValidateResourcePolicy</code>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { SecretsManagerClient, ValidateResourcePolicyCommand } from "@aws-sdk/client-secrets-manager"; // ES Modules import
- * // const { SecretsManagerClient, ValidateResourcePolicyCommand } = require("@aws-sdk/client-secrets-manager"); // CommonJS import
- * const client = new SecretsManagerClient(config);
- * const command = new ValidateResourcePolicyCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link ValidateResourcePolicyCommandInput} for command's `input` shape.
- * @see {@link ValidateResourcePolicyCommandOutput} for command's `response` shape.
- * @see {@link SecretsManagerClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class ValidateResourcePolicyCommand extends $Command<ValidateResourcePolicyCommandInput, ValidateResourcePolicyCommandOutput, SecretsManagerClientResolvedConfig> {
     readonly input: ValidateResourcePolicyCommandInput;
     constructor(input: ValidateResourcePolicyCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: SecretsManagerClientResolvedConfig, options?: __HttpHandlerOptions): Handler<ValidateResourcePolicyCommandInput, ValidateResourcePolicyCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/index.d.ts

@@ -0,0 +1,22 @@
+export * from "./CancelRotateSecretCommand";
+export * from "./CreateSecretCommand";
+export * from "./DeleteResourcePolicyCommand";
+export * from "./DeleteSecretCommand";
+export * from "./DescribeSecretCommand";
+export * from "./GetRandomPasswordCommand";
+export * from "./GetResourcePolicyCommand";
+export * from "./GetSecretValueCommand";
+export * from "./ListSecretVersionIdsCommand";
+export * from "./ListSecretsCommand";
+export * from "./PutResourcePolicyCommand";
+export * from "./PutSecretValueCommand";
+export * from "./RemoveRegionsFromReplicationCommand";
+export * from "./ReplicateSecretToRegionsCommand";
+export * from "./RestoreSecretCommand";
+export * from "./RotateSecretCommand";
+export * from "./StopReplicationToReplicaCommand";
+export * from "./TagResourceCommand";
+export * from "./UntagResourceCommand";
+export * from "./UpdateSecretCommand";
+export * from "./UpdateSecretVersionStageCommand";
+export * from "./ValidateResourcePolicyCommand";

package/dist-types/ts3.4/index.d.ts

@@ -1,28 +1,5 @@
-export * from "./SecretsManagerClient";
 export * from "./SecretsManager";
-export * from "./commands/CancelRotateSecretCommand";
-export * from "./commands/CreateSecretCommand";
-export * from "./commands/DeleteResourcePolicyCommand";
-export * from "./commands/DeleteSecretCommand";
-export * from "./commands/DescribeSecretCommand";
-export * from "./commands/GetRandomPasswordCommand";
-export * from "./commands/GetResourcePolicyCommand";
-export * from "./commands/GetSecretValueCommand";
-export * from "./commands/ListSecretsCommand";
-export * from "./pagination/ListSecretsPaginator";
-export * from "./commands/ListSecretVersionIdsCommand";
-export * from "./pagination/ListSecretVersionIdsPaginator";
-export * from "./commands/PutResourcePolicyCommand";
-export * from "./commands/PutSecretValueCommand";
-export * from "./commands/RemoveRegionsFromReplicationCommand";
-export * from "./commands/ReplicateSecretToRegionsCommand";
-export * from "./commands/RestoreSecretCommand";
-export * from "./commands/RotateSecretCommand";
-export * from "./commands/StopReplicationToReplicaCommand";
-export * from "./commands/TagResourceCommand";
-export * from "./commands/UntagResourceCommand";
-export * from "./commands/UpdateSecretCommand";
-export * from "./commands/UpdateSecretVersionStageCommand";
-export * from "./commands/ValidateResourcePolicyCommand";
-export * from "./pagination/Interfaces";
-export * from "./models/index";
+export * from "./SecretsManagerClient";
+export * from "./commands";
+export * from "./models";
+export * from "./pagination";