@aws-sdk/client-secrets-manager 3.451.0 → 3.458.0

package/dist-es/commands/BatchGetSecretValueCommand.js

@@ -0,0 +1,48 @@
+import { getEndpointPlugin } from "@smithy/middleware-endpoint";
+import { getSerdePlugin } from "@smithy/middleware-serde";
+import { Command as $Command } from "@smithy/smithy-client";
+import { SMITHY_CONTEXT_KEY, } from "@smithy/types";
+import { BatchGetSecretValueResponseFilterSensitiveLog, } from "../models/models_0";
+import { de_BatchGetSecretValueCommand, se_BatchGetSecretValueCommand } from "../protocols/Aws_json1_1";
+export { $Command };
+export class BatchGetSecretValueCommand extends $Command {
+    static getEndpointParameterInstructions() {
+        return {
+            UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },
+            Endpoint: { type: "builtInParams", name: "endpoint" },
+            Region: { type: "builtInParams", name: "region" },
+            UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" },
+        };
+    }
+    constructor(input) {
+        super();
+        this.input = input;
+    }
+    resolveMiddleware(clientStack, configuration, options) {
+        this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
+        this.middlewareStack.use(getEndpointPlugin(configuration, BatchGetSecretValueCommand.getEndpointParameterInstructions()));
+        const stack = clientStack.concat(this.middlewareStack);
+        const { logger } = configuration;
+        const clientName = "SecretsManagerClient";
+        const commandName = "BatchGetSecretValueCommand";
+        const handlerExecutionContext = {
+            logger,
+            clientName,
+            commandName,
+            inputFilterSensitiveLog: (_) => _,
+            outputFilterSensitiveLog: BatchGetSecretValueResponseFilterSensitiveLog,
+            [SMITHY_CONTEXT_KEY]: {
+                service: "secretsmanager",
+                operation: "BatchGetSecretValue",
+            },
+        };
+        const { requestHandler } = configuration;
+        return stack.resolve((request) => requestHandler.handle(request.request, options || {}), handlerExecutionContext);
+    }
+    serialize(input, context) {
+        return se_BatchGetSecretValueCommand(input, context);
+    }
+    deserialize(output, context) {
+        return de_BatchGetSecretValueCommand(output, context);
+    }
+}

package/dist-es/commands/index.js

@@ -1,3 +1,4 @@
+export * from "./BatchGetSecretValueCommand";
 export * from "./CancelRotateSecretCommand";
 export * from "./CreateSecretCommand";
 export * from "./DeleteResourcePolicyCommand";

package/dist-es/models/models_0.js

@@ -1,5 +1,27 @@
 import { SENSITIVE_STRING } from "@smithy/smithy-client";
 import { SecretsManagerServiceException as __BaseException } from "./SecretsManagerServiceException";
+export const FilterNameStringType = {
+    all: "all",
+    description: "description",
+    name: "name",
+    owning_service: "owning-service",
+    primary_region: "primary-region",
+    tag_key: "tag-key",
+    tag_value: "tag-value",
+};
+export class DecryptionFailure extends __BaseException {
+    constructor(opts) {
+        super({
+            name: "DecryptionFailure",
+            $fault: "client",
+            ...opts,
+        });
+        this.name = "DecryptionFailure";
+        this.$fault = "client";
+        Object.setPrototypeOf(this, DecryptionFailure.prototype);
+        this.Message = opts.Message;
+    }
+}
 export class InternalServiceError extends __BaseException {
     constructor(opts) {
         super({
@@ -13,6 +35,19 @@ export class InternalServiceError extends __BaseException {
         this.Message = opts.Message;
     }
 }
+export class InvalidNextTokenException extends __BaseException {
+    constructor(opts) {
+        super({
+            name: "InvalidNextTokenException",
+            $fault: "client",
+            ...opts,
+        });
+        this.name = "InvalidNextTokenException";
+        this.$fault = "client";
+        Object.setPrototypeOf(this, InvalidNextTokenException.prototype);
+        this.Message = opts.Message;
+    }
+}
 export class InvalidParameterException extends __BaseException {
     constructor(opts) {
         super({
@@ -57,19 +92,6 @@ export const StatusType = {
     InProgress: "InProgress",
     InSync: "InSync",
 };
-export class DecryptionFailure extends __BaseException {
-    constructor(opts) {
-        super({
-            name: "DecryptionFailure",
-            $fault: "client",
-            ...opts,
-        });
-        this.name = "DecryptionFailure";
-        this.$fault = "client";
-        Object.setPrototypeOf(this, DecryptionFailure.prototype);
-        this.Message = opts.Message;
-    }
-}
 export class EncryptionFailure extends __BaseException {
     constructor(opts) {
         super({
@@ -135,28 +157,6 @@ export class ResourceExistsException extends __BaseException {
         this.Message = opts.Message;
     }
 }
-export const FilterNameStringType = {
-    all: "all",
-    description: "description",
-    name: "name",
-    owning_service: "owning-service",
-    primary_region: "primary-region",
-    tag_key: "tag-key",
-    tag_value: "tag-value",
-};
-export class InvalidNextTokenException extends __BaseException {
-    constructor(opts) {
-        super({
-            name: "InvalidNextTokenException",
-            $fault: "client",
-            ...opts,
-        });
-        this.name = "InvalidNextTokenException";
-        this.$fault = "client";
-        Object.setPrototypeOf(this, InvalidNextTokenException.prototype);
-        this.Message = opts.Message;
-    }
-}
 export const SortOrderType = {
     asc: "asc",
     desc: "desc",
@@ -174,6 +174,15 @@ export class PublicPolicyException extends __BaseException {
         this.Message = opts.Message;
     }
 }
+export const SecretValueEntryFilterSensitiveLog = (obj) => ({
+    ...obj,
+    ...(obj.SecretBinary && { SecretBinary: SENSITIVE_STRING }),
+    ...(obj.SecretString && { SecretString: SENSITIVE_STRING }),
+});
+export const BatchGetSecretValueResponseFilterSensitiveLog = (obj) => ({
+    ...obj,
+    ...(obj.SecretValues && { SecretValues: obj.SecretValues.map((item) => SecretValueEntryFilterSensitiveLog(item)) }),
+});
 export const CreateSecretRequestFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.SecretBinary && { SecretBinary: SENSITIVE_STRING }),

package/dist-es/pagination/BatchGetSecretValuePaginator.js

@@ -0,0 +1,25 @@
+import { BatchGetSecretValueCommand, } from "../commands/BatchGetSecretValueCommand";
+import { SecretsManagerClient } from "../SecretsManagerClient";
+const makePagedClientRequest = async (client, input, ...args) => {
+    return await client.send(new BatchGetSecretValueCommand(input), ...args);
+};
+export async function* paginateBatchGetSecretValue(config, input, ...additionalArguments) {
+    let token = config.startingToken || undefined;
+    let hasNext = true;
+    let page;
+    while (hasNext) {
+        input.NextToken = token;
+        input["MaxResults"] = config.pageSize;
+        if (config.client instanceof SecretsManagerClient) {
+            page = await makePagedClientRequest(config.client, input, ...additionalArguments);
+        }
+        else {
+            throw new Error("Invalid client, expected SecretsManager | SecretsManagerClient");
+        }
+        yield page;
+        const prevToken = token;
+        token = page.NextToken;
+        hasNext = !!(token && (!config.stopOnSameToken || token !== prevToken));
+    }
+    return undefined;
+}

package/dist-es/pagination/index.js

@@ -1,3 +1,4 @@
+export * from "./BatchGetSecretValuePaginator";
 export * from "./Interfaces";
 export * from "./ListSecretVersionIdsPaginator";
 export * from "./ListSecretsPaginator";

package/dist-es/protocols/Aws_json1_1.js

@@ -3,6 +3,12 @@ import { _json, collectBody, decorateServiceException as __decorateServiceExcept
 import { v4 as generateIdempotencyToken } from "uuid";
 import { DecryptionFailure, EncryptionFailure, InternalServiceError, InvalidNextTokenException, InvalidParameterException, InvalidRequestException, LimitExceededException, MalformedPolicyDocumentException, PreconditionNotMetException, PublicPolicyException, ResourceExistsException, ResourceNotFoundException, } from "../models/models_0";
 import { SecretsManagerServiceException as __BaseException } from "../models/SecretsManagerServiceException";
+export const se_BatchGetSecretValueCommand = async (input, context) => {
+    const headers = sharedHeaders("BatchGetSecretValue");
+    let body;
+    body = JSON.stringify(_json(input));
+    return buildHttpRpcRequest(context, headers, "/", undefined, body);
+};
 export const se_CancelRotateSecretCommand = async (input, context) => {
     const headers = sharedHeaders("CancelRotateSecret");
     let body;
@@ -135,6 +141,53 @@ export const se_ValidateResourcePolicyCommand = async (input, context) => {
     body = JSON.stringify(_json(input));
     return buildHttpRpcRequest(context, headers, "/", undefined, body);
 };
+export const de_BatchGetSecretValueCommand = async (output, context) => {
+    if (output.statusCode >= 300) {
+        return de_BatchGetSecretValueCommandError(output, context);
+    }
+    const data = await parseBody(output.body, context);
+    let contents = {};
+    contents = de_BatchGetSecretValueResponse(data, context);
+    const response = {
+        $metadata: deserializeMetadata(output),
+        ...contents,
+    };
+    return response;
+};
+const de_BatchGetSecretValueCommandError = async (output, context) => {
+    const parsedOutput = {
+        ...output,
+        body: await parseErrorBody(output.body, context),
+    };
+    const errorCode = loadRestJsonErrorCode(output, parsedOutput.body);
+    switch (errorCode) {
+        case "DecryptionFailure":
+        case "com.amazonaws.secretsmanager#DecryptionFailure":
+            throw await de_DecryptionFailureRes(parsedOutput, context);
+        case "InternalServiceError":
+        case "com.amazonaws.secretsmanager#InternalServiceError":
+            throw await de_InternalServiceErrorRes(parsedOutput, context);
+        case "InvalidNextTokenException":
+        case "com.amazonaws.secretsmanager#InvalidNextTokenException":
+            throw await de_InvalidNextTokenExceptionRes(parsedOutput, context);
+        case "InvalidParameterException":
+        case "com.amazonaws.secretsmanager#InvalidParameterException":
+            throw await de_InvalidParameterExceptionRes(parsedOutput, context);
+        case "InvalidRequestException":
+        case "com.amazonaws.secretsmanager#InvalidRequestException":
+            throw await de_InvalidRequestExceptionRes(parsedOutput, context);
+        case "ResourceNotFoundException":
+        case "com.amazonaws.secretsmanager#ResourceNotFoundException":
+            throw await de_ResourceNotFoundExceptionRes(parsedOutput, context);
+        default:
+            const parsedBody = parsedOutput.body;
+            return throwDefaultError({
+                output,
+                parsedBody,
+                errorCode,
+            });
+    }
+};
 export const de_CancelRotateSecretCommand = async (output, context) => {
     if (output.statusCode >= 300) {
         return de_CancelRotateSecretCommandError(output, context);
@@ -1237,6 +1290,13 @@ const se_UpdateSecretRequest = (input, context) => {
         SecretString: [],
     });
 };
+const de_BatchGetSecretValueResponse = (output, context) => {
+    return take(output, {
+        Errors: _json,
+        NextToken: __expectString,
+        SecretValues: (_) => de_SecretValuesType(_, context),
+    });
+};
 const de_CreateSecretResponse = (output, context) => {
     return take(output, {
         ARN: __expectString,
@@ -1357,6 +1417,25 @@ const de_SecretListType = (output, context) => {
     });
     return retVal;
 };
+const de_SecretValueEntry = (output, context) => {
+    return take(output, {
+        ARN: __expectString,
+        CreatedDate: (_) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))),
+        Name: __expectString,
+        SecretBinary: context.base64Decoder,
+        SecretString: __expectString,
+        VersionId: __expectString,
+        VersionStages: _json,
+    });
+};
+const de_SecretValuesType = (output, context) => {
+    const retVal = (output || [])
+        .filter((e) => e != null)
+        .map((entry) => {
+        return de_SecretValueEntry(entry, context);
+    });
+    return retVal;
+};
 const de_SecretVersionsListEntry = (output, context) => {
     return take(output, {
         CreatedDate: (_) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))),

package/dist-types/SecretsManager.d.ts

@@ -1,4 +1,5 @@
 import { HttpHandlerOptions as __HttpHandlerOptions } from "@smithy/types";
+import { BatchGetSecretValueCommandInput, BatchGetSecretValueCommandOutput } from "./commands/BatchGetSecretValueCommand";
 import { CancelRotateSecretCommandInput, CancelRotateSecretCommandOutput } from "./commands/CancelRotateSecretCommand";
 import { CreateSecretCommandInput, CreateSecretCommandOutput } from "./commands/CreateSecretCommand";
 import { DeleteResourcePolicyCommandInput, DeleteResourcePolicyCommandOutput } from "./commands/DeleteResourcePolicyCommand";
@@ -23,6 +24,12 @@ import { UpdateSecretVersionStageCommandInput, UpdateSecretVersionStageCommandOu
 import { ValidateResourcePolicyCommandInput, ValidateResourcePolicyCommandOutput } from "./commands/ValidateResourcePolicyCommand";
 import { SecretsManagerClient } from "./SecretsManagerClient";
 export interface SecretsManager {
+    /**
+     * @see {@link BatchGetSecretValueCommand}
+     */
+    batchGetSecretValue(args: BatchGetSecretValueCommandInput, options?: __HttpHandlerOptions): Promise<BatchGetSecretValueCommandOutput>;
+    batchGetSecretValue(args: BatchGetSecretValueCommandInput, cb: (err: any, data?: BatchGetSecretValueCommandOutput) => void): void;
+    batchGetSecretValue(args: BatchGetSecretValueCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: BatchGetSecretValueCommandOutput) => void): void;
     /**
      * @see {@link CancelRotateSecretCommand}
      */

package/dist-types/SecretsManagerClient.d.ts

@@ -8,6 +8,7 @@ import { RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"
 import { HttpHandler as __HttpHandler } from "@smithy/protocol-http";
 import { Client as __Client, DefaultsMode as __DefaultsMode, SmithyConfiguration as __SmithyConfiguration, SmithyResolvedConfiguration as __SmithyResolvedConfiguration } from "@smithy/smithy-client";
 import { BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, Decoder as __Decoder, Encoder as __Encoder, HashConstructor as __HashConstructor, HttpHandlerOptions as __HttpHandlerOptions, Logger as __Logger, Provider as __Provider, Provider, StreamCollector as __StreamCollector, UrlParser as __UrlParser, UserAgent as __UserAgent } from "@smithy/types";
+import { BatchGetSecretValueCommandInput, BatchGetSecretValueCommandOutput } from "./commands/BatchGetSecretValueCommand";
 import { CancelRotateSecretCommandInput, CancelRotateSecretCommandOutput } from "./commands/CancelRotateSecretCommand";
 import { CreateSecretCommandInput, CreateSecretCommandOutput } from "./commands/CreateSecretCommand";
 import { DeleteResourcePolicyCommandInput, DeleteResourcePolicyCommandOutput } from "./commands/DeleteResourcePolicyCommand";
@@ -36,11 +37,11 @@ export { __Client };
 /**
  * @public
  */
-export type ServiceInputTypes = CancelRotateSecretCommandInput | CreateSecretCommandInput | DeleteResourcePolicyCommandInput | DeleteSecretCommandInput | DescribeSecretCommandInput | GetRandomPasswordCommandInput | GetResourcePolicyCommandInput | GetSecretValueCommandInput | ListSecretVersionIdsCommandInput | ListSecretsCommandInput | PutResourcePolicyCommandInput | PutSecretValueCommandInput | RemoveRegionsFromReplicationCommandInput | ReplicateSecretToRegionsCommandInput | RestoreSecretCommandInput | RotateSecretCommandInput | StopReplicationToReplicaCommandInput | TagResourceCommandInput | UntagResourceCommandInput | UpdateSecretCommandInput | UpdateSecretVersionStageCommandInput | ValidateResourcePolicyCommandInput;
+export type ServiceInputTypes = BatchGetSecretValueCommandInput | CancelRotateSecretCommandInput | CreateSecretCommandInput | DeleteResourcePolicyCommandInput | DeleteSecretCommandInput | DescribeSecretCommandInput | GetRandomPasswordCommandInput | GetResourcePolicyCommandInput | GetSecretValueCommandInput | ListSecretVersionIdsCommandInput | ListSecretsCommandInput | PutResourcePolicyCommandInput | PutSecretValueCommandInput | RemoveRegionsFromReplicationCommandInput | ReplicateSecretToRegionsCommandInput | RestoreSecretCommandInput | RotateSecretCommandInput | StopReplicationToReplicaCommandInput | TagResourceCommandInput | UntagResourceCommandInput | UpdateSecretCommandInput | UpdateSecretVersionStageCommandInput | ValidateResourcePolicyCommandInput;
 /**
  * @public
  */
-export type ServiceOutputTypes = CancelRotateSecretCommandOutput | CreateSecretCommandOutput | DeleteResourcePolicyCommandOutput | DeleteSecretCommandOutput | DescribeSecretCommandOutput | GetRandomPasswordCommandOutput | GetResourcePolicyCommandOutput | GetSecretValueCommandOutput | ListSecretVersionIdsCommandOutput | ListSecretsCommandOutput | PutResourcePolicyCommandOutput | PutSecretValueCommandOutput | RemoveRegionsFromReplicationCommandOutput | ReplicateSecretToRegionsCommandOutput | RestoreSecretCommandOutput | RotateSecretCommandOutput | StopReplicationToReplicaCommandOutput | TagResourceCommandOutput | UntagResourceCommandOutput | UpdateSecretCommandOutput | UpdateSecretVersionStageCommandOutput | ValidateResourcePolicyCommandOutput;
+export type ServiceOutputTypes = BatchGetSecretValueCommandOutput | CancelRotateSecretCommandOutput | CreateSecretCommandOutput | DeleteResourcePolicyCommandOutput | DeleteSecretCommandOutput | DescribeSecretCommandOutput | GetRandomPasswordCommandOutput | GetResourcePolicyCommandOutput | GetSecretValueCommandOutput | ListSecretVersionIdsCommandOutput | ListSecretsCommandOutput | PutResourcePolicyCommandOutput | PutSecretValueCommandOutput | RemoveRegionsFromReplicationCommandOutput | ReplicateSecretToRegionsCommandOutput | RestoreSecretCommandOutput | RotateSecretCommandOutput | StopReplicationToReplicaCommandOutput | TagResourceCommandOutput | UntagResourceCommandOutput | UpdateSecretCommandOutput | UpdateSecretVersionStageCommandOutput | ValidateResourcePolicyCommandOutput;
 /**
  * @public
  */

package/dist-types/commands/BatchGetSecretValueCommand.d.ts

@@ -0,0 +1,147 @@
+import { EndpointParameterInstructions } from "@smithy/middleware-endpoint";
+import { Command as $Command } from "@smithy/smithy-client";
+import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@smithy/types";
+import { BatchGetSecretValueRequest, BatchGetSecretValueResponse } from "../models/models_0";
+import { SecretsManagerClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../SecretsManagerClient";
+/**
+ * @public
+ */
+export { __MetadataBearer, $Command };
+/**
+ * @public
+ *
+ * The input for {@link BatchGetSecretValueCommand}.
+ */
+export interface BatchGetSecretValueCommandInput extends BatchGetSecretValueRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link BatchGetSecretValueCommand}.
+ */
+export interface BatchGetSecretValueCommandOutput extends BatchGetSecretValueResponse, __MetadataBearer {
+}
+/**
+ * @public
+ * <p>Retrieves the contents of the encrypted fields <code>SecretString</code> or <code>SecretBinary</code> for up to 20 secrets.  To retrieve a single secret, call <a>GetSecretValue</a>. </p>
+ *          <p>To choose which secrets to retrieve, you can specify a list of secrets by name or ARN, or you can use filters. If Secrets Manager encounters errors such as <code>AccessDeniedException</code> while attempting to retrieve any of the secrets, you can see the errors in <code>Errors</code> in the response.</p>
+ *          <p>Secrets Manager generates CloudTrail <code>GetSecretValue</code> log entries for each secret you request when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html">Logging Secrets Manager events with CloudTrail</a>.</p>
+ *          <p>
+ *             <b>Required permissions: </b>
+ *             <code>secretsmanager:BatchGetSecretValue</code>, and you must have <code>secretsmanager:GetSecretValue</code> for each secret. If you use filters, you must also have <code>secretsmanager:ListSecrets</code>. If the secrets are encrypted using customer-managed keys instead of the Amazon Web Services managed key
+ *       <code>aws/secretsmanager</code>, then you also need <code>kms:Decrypt</code> permissions for the keys.
+ *       For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions">
+ *       IAM policy actions for Secrets Manager</a> and <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html">Authentication
+ *       and access control in Secrets Manager</a>. </p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { SecretsManagerClient, BatchGetSecretValueCommand } from "@aws-sdk/client-secrets-manager"; // ES Modules import
+ * // const { SecretsManagerClient, BatchGetSecretValueCommand } = require("@aws-sdk/client-secrets-manager"); // CommonJS import
+ * const client = new SecretsManagerClient(config);
+ * const input = { // BatchGetSecretValueRequest
+ *   SecretIdList: [ // SecretIdListType
+ *     "STRING_VALUE",
+ *   ],
+ *   Filters: [ // FiltersListType
+ *     { // Filter
+ *       Key: "description" || "name" || "tag-key" || "tag-value" || "primary-region" || "owning-service" || "all",
+ *       Values: [ // FilterValuesStringList
+ *         "STRING_VALUE",
+ *       ],
+ *     },
+ *   ],
+ *   MaxResults: Number("int"),
+ *   NextToken: "STRING_VALUE",
+ * };
+ * const command = new BatchGetSecretValueCommand(input);
+ * const response = await client.send(command);
+ * // { // BatchGetSecretValueResponse
+ * //   SecretValues: [ // SecretValuesType
+ * //     { // SecretValueEntry
+ * //       ARN: "STRING_VALUE",
+ * //       Name: "STRING_VALUE",
+ * //       VersionId: "STRING_VALUE",
+ * //       SecretBinary: "BLOB_VALUE",
+ * //       SecretString: "STRING_VALUE",
+ * //       VersionStages: [ // SecretVersionStagesType
+ * //         "STRING_VALUE",
+ * //       ],
+ * //       CreatedDate: new Date("TIMESTAMP"),
+ * //     },
+ * //   ],
+ * //   NextToken: "STRING_VALUE",
+ * //   Errors: [ // APIErrorListType
+ * //     { // APIErrorType
+ * //       SecretId: "STRING_VALUE",
+ * //       ErrorCode: "STRING_VALUE",
+ * //       Message: "STRING_VALUE",
+ * //     },
+ * //   ],
+ * // };
+ *
+ * ```
+ *
+ * @param BatchGetSecretValueCommandInput - {@link BatchGetSecretValueCommandInput}
+ * @returns {@link BatchGetSecretValueCommandOutput}
+ * @see {@link BatchGetSecretValueCommandInput} for command's `input` shape.
+ * @see {@link BatchGetSecretValueCommandOutput} for command's `response` shape.
+ * @see {@link SecretsManagerClientResolvedConfig | config} for SecretsManagerClient's `config` shape.
+ *
+ * @throws {@link DecryptionFailure} (client fault)
+ *  <p>Secrets Manager can't decrypt the protected secret text using the provided KMS key. </p>
+ *
+ * @throws {@link InternalServiceError} (server fault)
+ *  <p>An error occurred on the server side.</p>
+ *
+ * @throws {@link InvalidNextTokenException} (client fault)
+ *  <p>The <code>NextToken</code> value is invalid.</p>
+ *
+ * @throws {@link InvalidParameterException} (client fault)
+ *  <p>The parameter name or value is invalid.</p>
+ *
+ * @throws {@link InvalidRequestException} (client fault)
+ *  <p>A parameter value is not valid for the current state of the
+ *       resource.</p>
+ *          <p>Possible causes:</p>
+ *          <ul>
+ *             <li>
+ *                <p>The secret is scheduled for deletion.</p>
+ *             </li>
+ *             <li>
+ *                <p>You tried to enable rotation on a secret that doesn't already have a Lambda function
+ *           ARN configured and you didn't include such an ARN as a parameter in this call. </p>
+ *             </li>
+ *             <li>
+ *                <p>The secret is managed by another service, and you must use that service to update it.
+ *           For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html">Secrets managed by other Amazon Web Services services</a>.</p>
+ *             </li>
+ *          </ul>
+ *
+ * @throws {@link ResourceNotFoundException} (client fault)
+ *  <p>Secrets Manager can't find the resource that you asked for.</p>
+ *
+ * @throws {@link SecretsManagerServiceException}
+ * <p>Base exception class for all service exceptions from SecretsManager service.</p>
+ *
+ */
+export declare class BatchGetSecretValueCommand extends $Command<BatchGetSecretValueCommandInput, BatchGetSecretValueCommandOutput, SecretsManagerClientResolvedConfig> {
+    readonly input: BatchGetSecretValueCommandInput;
+    static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
+    constructor(input: BatchGetSecretValueCommandInput);
+    /**
+     * @internal
+     */
+    resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: SecretsManagerClientResolvedConfig, options?: __HttpHandlerOptions): Handler<BatchGetSecretValueCommandInput, BatchGetSecretValueCommandOutput>;
+    /**
+     * @internal
+     */
+    private serialize;
+    /**
+     * @internal
+     */
+    private deserialize;
+}

package/dist-types/commands/GetSecretValueCommand.d.ts

@@ -26,6 +26,7 @@ export interface GetSecretValueCommandOutput extends GetSecretValueResponse, __M
  * <p>Retrieves the contents of the encrypted fields <code>SecretString</code> or
  *         <code>SecretBinary</code> from the specified version of a secret, whichever contains
  *       content.</p>
+ *          <p>To retrieve the values for a group of secrets, call <a>BatchGetSecretValue</a>.</p>
  *          <p>We recommend that you cache your secret values by using client-side caching.
  *       Caching secrets improves speed and reduces your costs. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html">Cache secrets for
  *         your applications</a>.</p>

package/dist-types/commands/ListSecretsCommand.d.ts

@@ -28,8 +28,7 @@ export interface ListSecretsCommandOutput extends ListSecretsResponse, __Metadat
  *          <p>ListSecrets is eventually consistent, however it might not reflect changes from the last five minutes.
  *       To get the latest information for a specific secret, use <a>DescribeSecret</a>.</p>
  *          <p>To list the versions of a secret, use <a>ListSecretVersionIds</a>.</p>
- *          <p>To get the secret value from <code>SecretString</code> or <code>SecretBinary</code>,
- *       call <a>GetSecretValue</a>.</p>
+ *          <p>To retrieve the values for the secrets, call <a>BatchGetSecretValue</a> or <a>GetSecretValue</a>.</p>
  *          <p>For information about finding secrets in the console, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_search-secret.html">Find secrets in Secrets Manager</a>.</p>
  *          <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html">Logging Secrets Manager events with CloudTrail</a>.</p>
  *          <p>

package/dist-types/commands/index.d.ts

@@ -1,3 +1,4 @@
+export * from "./BatchGetSecretValueCommand";
 export * from "./CancelRotateSecretCommand";
 export * from "./CreateSecretCommand";
 export * from "./DeleteResourcePolicyCommand";