lib/aws-sdk-secretsmanager/client.rb in aws-sdk-secretsmanager-1.10.0 vs lib/aws-sdk-secretsmanager/client.rb in aws-sdk-secretsmanager-1.11.0
- old
+ new
@@ -688,10 +688,28 @@
# (Optional) Specifies the number of days that Secrets Manager waits
# before it can delete the secret.
#
# This value can range from 7 to 30 days. The default value is 30.
#
+ # @option params [Boolean] :force_delete_without_recovery
+ # (Optional) Specifies that the secret is to be deleted immediately
+ # without any recovery window. You cannot use both this parameter and
+ # the `RecoveryWindowInDays` parameter in the same API call.
+ #
+ # An asynchronous background process performs the actual deletion, so
+ # there can be a short delay before the operation completes. If you
+ # write code to delete and then immediately recreate a secret with the
+ # same name, ensure that your code includes appropriate back off and
+ # retry logic.
+ #
+ # Use this parameter with caution. This parameter causes the operation
+ # to skip the normal waiting period before the permanent deletion that
+ # AWS would normally impose with the `RecoveryWindowInDays` parameter.
+ # If you delete a secret with the `ForceDeleteWithouRecovery` parameter,
+ # then you have no opportunity to recover the secret. It is permanently
+ # lost.
+ #
# @return [Types::DeleteSecretResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
#
# * {Types::DeleteSecretResponse#arn #arn} => String
# * {Types::DeleteSecretResponse#name #name} => String
# * {Types::DeleteSecretResponse#deletion_date #deletion_date} => Time
@@ -718,10 +736,11 @@
# @example Request syntax with placeholder values
#
# resp = client.delete_secret({
# secret_id: "SecretIdType", # required
# recovery_window_in_days: 1,
+ # force_delete_without_recovery: false,
# })
#
# @example Response structure
#
# resp.arn #=> String
@@ -2123,13 +2142,13 @@
def untag_resource(params = {}, options = {})
req = build_request(:untag_resource, params)
req.send_request(options)
end
- # Modifies many of the details of a secret. If you include a
- # `ClientRequestToken` and either `SecretString` or `SecretBinary` then
- # it also creates a new version attached to the secret.
+ # Modifies many of the details of the specified secret. If you include a
+ # `ClientRequestToken` and *either* `SecretString` or `SecretBinary`
+ # then it also creates a new version attached to the secret.
#
# To modify the rotation configuration of a secret, use RotateSecret
# instead.
#
# <note markdown="1"> The Secrets Manager console uses only the `SecretString` parameter and
@@ -2138,13 +2157,13 @@
# must use either the AWS CLI or one of the AWS SDKs.
#
# </note>
#
# * If a version with a `SecretVersionId` with the same value as the
- # `ClientRequestToken` parameter already exists, the operation
- # generates an error. You cannot modify an existing version, you can
- # only create new ones.
+ # `ClientRequestToken` parameter already exists, the operation results
+ # in an error. You cannot modify an existing version, you can only
+ # create a new version.
#
# * If you include `SecretString` or `SecretBinary` to create a new
# secret version, Secrets Manager automatically attaches the staging
# label `AWSCURRENT` to the new version.
#
@@ -2198,11 +2217,11 @@
#
# * To list the versions contained in a secret, use
# ListSecretVersionIds.
#
# @option params [required, String] :secret_id
- # Specifies the secret that you want to update or to which you want to
+ # Specifies the secret that you want to modify or to which you want to
# add a new version. You can specify either the Amazon Resource Name
# (ARN) or the friendly name of the secret.
#
# @option params [String] :client_request_token
# (Optional) If you want to add a new version to the secret, this
@@ -2247,43 +2266,39 @@
#
#
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
#
# @option params [String] :description
- # (Optional) Specifies a user-provided description of the secret.
+ # (Optional) Specifies an updated user-provided description of the
+ # secret.
#
# @option params [String] :kms_key_id
- # (Optional) Specifies the ARN or alias of the AWS KMS customer master
- # key (CMK) to be used to encrypt the protected text in the versions of
- # this secret.
+ # (Optional) Specifies an updated ARN or alias of the AWS KMS customer
+ # master key (CMK) to be used to encrypt the protected text in new
+ # versions of this secret.
#
- # If you don't specify this value, then Secrets Manager defaults to
- # using the default CMK in the account (the one named
- # `aws/secretsmanager`). If a AWS KMS CMK with that name doesn't exist,
- # then Secrets Manager creates it for you automatically the first time
- # it needs to encrypt a version's `Plaintext` or `PlaintextString`
- # fields.
- #
# You can only use the account's default CMK to encrypt and decrypt if
# you call this operation using credentials from the same account that
# owns the secret. If the secret is in a different account, then you
- # must create a custom CMK and provide the ARN in this field.
+ # must create a custom CMK and provide the ARN of that CMK in this
+ # field. The user making the call must have permissions to both the
+ # secret and the CMK in their respective accounts.
#
# @option params [String, IO] :secret_binary
- # (Optional) Specifies binary data that you want to encrypt and store in
- # the new version of the secret. To use this parameter in the
+ # (Optional) Specifies updated binary data that you want to encrypt and
+ # store in the new version of the secret. To use this parameter in the
# command-line tools, we recommend that you store your binary data in a
# file and then use the appropriate technique for your tool to pass the
# contents of the file as a parameter. Either `SecretBinary` or
# `SecretString` must have a value, but not both. They cannot both be
# empty.
#
# This parameter is not accessible using the Secrets Manager console.
#
# @option params [String] :secret_string
- # (Optional) Specifies text data that you want to encrypt and store in
- # this new version of the secret. Either `SecretBinary` or
+ # (Optional) Specifies updated text data that you want to encrypt and
+ # store in this new version of the secret. Either `SecretBinary` or
# `SecretString` must have a value, but not both. They cannot both be
# empty.
#
# If you create this secret by using the Secrets Manager console then
# Secrets Manager puts the protected secret text in only the
@@ -2299,14 +2314,19 @@
#
# `[\{"username":"bob"\},\{"password":"abc123xyz456"\}]`
#
# If your command-line tool or SDK requires quotation marks around the
# parameter, you should use single quotes to avoid confusion with the
- # double quotes required in the JSON text.
+ # double quotes required in the JSON text. You can also 'escape' the
+ # double quote character in the embedded JSON text by prefacing each
+ # with a backslash. For example, the following string is surrounded by
+ # double-quotes. All of the embedded double quotes are escaped:
#
+ # `"[\{"username":"bob"\},\{"password":"abc123xyz456"\}]"`
#
#
+ #
# [1]: http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json
#
# @return [Types::UpdateSecretResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
#
# * {Types::UpdateSecretResponse#arn #arn} => String
@@ -2459,12 +2479,12 @@
# @option params [String] :move_to_version_id
# (Optional) The secret version ID that you want to add the staging
# labels to.
#
# If any of the staging labels are already attached to a different
- # version of the secret, then they are removed from that version before
- # adding them to this version.
+ # version of the secret, then they are automatically removed from that
+ # version before adding them to this version.
#
# @return [Types::UpdateSecretVersionStageResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
#
# * {Types::UpdateSecretVersionStageResponse#arn #arn} => String
# * {Types::UpdateSecretVersionStageResponse#name #name} => String
@@ -2558,10 +2578,10 @@
operation: config.api.operation(operation_name),
client: self,
params: params,
config: config)
context[:gem_name] = 'aws-sdk-secretsmanager'
- context[:gem_version] = '1.10.0'
+ context[:gem_version] = '1.11.0'
Seahorse::Client::Request.new(handlers, context)
end
# @api private
# @deprecated