lib/aws-sdk-secretsmanager/client.rb in aws-sdk-secretsmanager-1.11.0 vs lib/aws-sdk-secretsmanager/client.rb in aws-sdk-secretsmanager-1.12.0
- old
+ new
@@ -176,14 +176,14 @@
#
# <note markdown="1"> If you cancel a rotation that is in progress, it can leave the
# `VersionStage` labels in an unexpected state. Depending on what step
# of the rotation was in progress, you might need to remove the staging
# label `AWSPENDING` from the partially created version, specified by
- # the `SecretVersionId` response value. You should also evaluate the
- # partially rotated new version to see if it should be deleted, which
- # you can do by removing all staging labels from the new version's
- # `VersionStage` field.
+ # the `VersionId` response value. You should also evaluate the partially
+ # rotated new version to see if it should be deleted, which you can do
+ # by removing all staging labels from the new version's `VersionStage`
+ # field.
#
# </note>
#
# To successfully start a rotation, the staging label `AWSPENDING` must
# be in one of the following states:
@@ -385,11 +385,11 @@
# `SecretString` and `SecretBinary` values are different from those in
# the request then the request fails because you cannot modify an
# existing version. Instead, use PutSecretValue to create a new
# version.
#
- # This value becomes the `SecretVersionId` of the new version.
+ # This value becomes the `VersionId` of the new version.
#
# **A suitable default value is auto-generated.** You should normally
# not need to pass this option.**
#
#
@@ -684,18 +684,19 @@
# Specifies the secret that you want to delete. You can specify either
# the Amazon Resource Name (ARN) or the friendly name of the secret.
#
# @option params [Integer] :recovery_window_in_days
# (Optional) Specifies the number of days that Secrets Manager waits
- # before it can delete the secret.
+ # before it can delete the secret. You can't use both this parameter
+ # and the `ForceDeleteWithoutRecovery` parameter in the same API call.
#
# This value can range from 7 to 30 days. The default value is 30.
#
# @option params [Boolean] :force_delete_without_recovery
- # (Optional) Specifies that the secret is to be deleted immediately
- # without any recovery window. You cannot use both this parameter and
- # the `RecoveryWindowInDays` parameter in the same API call.
+ # (Optional) Specifies that the secret is to be deleted without any
+ # recovery window. You can't use both this parameter and the
+ # `RecoveryWindowInDays` parameter in the same API call.
#
# An asynchronous background process performs the actual deletion, so
# there can be a short delay before the operation completes. If you
# write code to delete and then immediately recreate a secret with the
# same name, ensure that your code includes appropriate back off and
@@ -909,10 +910,17 @@
# @option params [Boolean] :exclude_punctuation
# Specifies that the generated password should not include punctuation
# characters. The default if you do not include this switch parameter is
# that punctuation characters can be included.
#
+ # The following are the punctuation characters that *can* be included in
+ # the generated password if you don't explicitly exclude them with
+ # `ExcludeCharacters` or `ExcludePunctuation`\:
+ #
+ # `` ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` \{ | \} ~
+ # ``
+ #
# @option params [Boolean] :exclude_uppercase
# Specifies that the generated password should not include uppercase
# letters. The default if you do not include this switch parameter is
# that uppercase letters can be included.
#
@@ -1079,11 +1087,11 @@
#
# @option params [String] :version_id
# Specifies the unique identifier of the version of the secret that you
# want to retrieve. If you specify this parameter then don't specify
# `VersionStage`. If you don't specify either a `VersionStage` or
- # `SecretVersionId` then the default is to perform the operation on the
+ # `VersionId` then the default is to perform the operation on the
# version with the `VersionStage` value of `AWSCURRENT`.
#
# This value is typically a [UUID-type][1] value with 32 hexadecimal
# digits.
#
@@ -1095,12 +1103,12 @@
# Specifies the secret version that you want to retrieve by the staging
# label attached to the version.
#
# Staging labels are used to keep track of different versions during the
# rotation process. If you use this parameter then don't specify
- # `SecretVersionId`. If you don't specify either a `VersionStage` or
- # `SecretVersionId`, then the default is to perform the operation on the
+ # `VersionId`. If you don't specify either a `VersionStage` or
+ # `VersionId`, then the default is to perform the operation on the
# version with the `VersionStage` value of `AWSCURRENT`.
#
# @return [Types::GetSecretValueResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
#
# * {Types::GetSecretValueResponse#arn #arn} => String
@@ -1539,14 +1547,14 @@
# version to this version (because you included it in the
# `StagingLabels` parameter) then Secrets Manager also automatically
# moves the staging label `AWSPREVIOUS` to the version that
# `AWSCURRENT` was removed from.
#
- # * This operation is idempotent. If a version with a `SecretVersionId`
- # with the same value as the `ClientRequestToken` parameter already
- # exists and you specify the same secret data, the operation succeeds
- # but does nothing. However, if the secret data is different, then the
+ # * This operation is idempotent. If a version with a `VersionId` with
+ # the same value as the `ClientRequestToken` parameter already exists
+ # and you specify the same secret data, the operation succeeds but
+ # does nothing. However, if the secret data is different, then the
# operation fails because you cannot modify an existing version; you
# can only create new ones.
#
# <note markdown="1"> * If you call an operation that needs to encrypt or decrypt the
# `SecretString` or `SecretBinary` for a secret in the same account as
@@ -1631,11 +1639,11 @@
# `SecretString` and `SecretBinary` values are different from those in
# the request then the request fails because you cannot modify an
# existing secret version. You can only create new versions to store
# new secret values.
#
- # This value becomes the `SecretVersionId` of the new version.
+ # This value becomes the `VersionId` of the new version.
#
# **A suitable default value is auto-generated.** You should normally
# not need to pass this option.**
#
#
@@ -1835,10 +1843,18 @@
# begin to use the new version. For more information about rotating
# secrets and how to configure a Lambda function to rotate the secrets
# for your protected service, see [Rotating Secrets in AWS Secrets
# Manager][1] in the *AWS Secrets Manager User Guide*.
#
+ # Secrets Manager schedules the next rotation when the previous one is
+ # complete. Secrets Manager schedules the date by adding the rotation
+ # interval (number of days) to the actual date of the last rotation. The
+ # service chooses the hour within that 24-hour date window randomly. The
+ # minute is also chosen somewhat randomly, but weighted towards the top
+ # of the hour and influenced by a variety of factors that help
+ # distribute load.
+ #
# The rotation function must end with the versions of the secret in one
# of two states:
#
# * The `AWSPENDING` and `AWSCURRENT` staging labels are attached to the
# same version of the secret, or
@@ -1896,26 +1912,13 @@
# twice. We recommend that you generate a [UUID-type][1] value to ensure
# uniqueness within the specified secret.
#
# Secrets Manager uses this value to prevent the accidental creation of
# duplicate versions if there are failures and retries during the
- # function's processing.
+ # function's processing. This value becomes the `VersionId` of the new
+ # version.
#
- # * If the `ClientRequestToken` value isn't already associated with a
- # version of the secret then a new version of the secret is created.
- #
- # * If a version with this value already exists and that version's
- # `SecretString` and `SecretBinary` values are the same as the
- # request, then the request is ignored (the operation is idempotent).
- #
- # * If a version with this value already exists and that version's
- # `SecretString` and `SecretBinary` values are different from the
- # request then an error occurs because you cannot modify an existing
- # secret value.
- #
- # This value becomes the `SecretVersionId` of the new version.
- #
# **A suitable default value is auto-generated.** You should normally
# not need to pass this option.**
#
#
#
@@ -2156,11 +2159,11 @@
# encrypt and store binary data as part of the version of a secret, you
# must use either the AWS CLI or one of the AWS SDKs.
#
# </note>
#
- # * If a version with a `SecretVersionId` with the same value as the
+ # * If a version with a `VersionId` with the same value as the
# `ClientRequestToken` parameter already exists, the operation results
# in an error. You cannot modify an existing version, you can only
# create a new version.
#
# * If you include `SecretString` or `SecretBinary` to create a new
@@ -2256,11 +2259,11 @@
# * If a version with this value already exists and that version's
# `SecretString` and `SecretBinary` values are different from the
# request then an error occurs because you cannot modify an existing
# secret value.
#
- # This value becomes the `SecretVersionId` of the new version.
+ # This value becomes the `VersionId` of the new version.
#
# **A suitable default value is auto-generated.** You should normally
# not need to pass this option.**
#
#
@@ -2578,10 +2581,10 @@
operation: config.api.operation(operation_name),
client: self,
params: params,
config: config)
context[:gem_name] = 'aws-sdk-secretsmanager'
- context[:gem_version] = '1.11.0'
+ context[:gem_version] = '1.12.0'
Seahorse::Client::Request.new(handlers, context)
end
# @api private
# @deprecated