client.rb in aws-sdk-secretsmanager-1.19.0

- old
+ new

@@ -327,14 +327,14 @@
     #   the calling user and that secret doesn't specify a AWS KMS
     #   encryption key, Secrets Manager uses the account's default AWS
     #   managed customer master key (CMK) with the alias
     #   `aws/secretsmanager`. If this key doesn't already exist in your
     #   account then Secrets Manager creates it for you automatically. All
-    #   users in the same AWS account automatically have access to use the
-    #   default CMK. Note that if an Secrets Manager API call results in AWS
-    #   having to create the account's AWS-managed CMK, it can result in a
-    #   one-time significant delay in returning the result.
+    #   users and roles in the same AWS account automatically have access to
+    #   use the default CMK. Note that if an Secrets Manager API call
+    #   results in AWS having to create the account's AWS-managed CMK, it
+    #   can result in a one-time significant delay in returning the result.
     #
     # * If the secret is in a different AWS account from the credentials
     #   calling an API that requires encryption or decryption of the secret
     #   value then you must create and use a custom AWS KMS CMK because you
     #   can't access the default CMK for the account using credentials from
@@ -362,10 +362,13 @@
     #
     # * kms:Decrypt - needed only if you use a customer-managed AWS KMS key
     #   to encrypt the secret. You do not need this permission to use the
     #   account's default AWS managed CMK for Secrets Manager.
     #
+    # * secretsmanager:TagResource - needed only if you include the `Tags`
+    #   parameter.
+    #
     # **Related operations**
     #
     # * To delete a secret, use DeleteSecret.
     #
     # * To modify an existing secret, use UpdateSecret.
@@ -1711,14 +1714,14 @@
     #   the calling user and that secret doesn't specify a AWS KMS
     #   encryption key, Secrets Manager uses the account's default AWS
     #   managed customer master key (CMK) with the alias
     #   `aws/secretsmanager`. If this key doesn't already exist in your
     #   account then Secrets Manager creates it for you automatically. All
-    #   users in the same AWS account automatically have access to use the
-    #   default CMK. Note that if an Secrets Manager API call results in AWS
-    #   having to create the account's AWS-managed CMK, it can result in a
-    #   one-time significant delay in returning the result.
+    #   users and roles in the same AWS account automatically have access to
+    #   use the default CMK. Note that if an Secrets Manager API call
+    #   results in AWS having to create the account's AWS-managed CMK, it
+    #   can result in a one-time significant delay in returning the result.
     #
     # * If the secret is in a different AWS account from the credentials
     #   calling an API that requires encryption or decryption of the secret
     #   value then you must create and use a custom AWS KMS CMK because you
     #   can't access the default CMK for the account using credentials from
@@ -2400,14 +2403,14 @@
     #   the calling user and that secret doesn't specify a AWS KMS
     #   encryption key, Secrets Manager uses the account's default AWS
     #   managed customer master key (CMK) with the alias
     #   `aws/secretsmanager`. If this key doesn't already exist in your
     #   account then Secrets Manager creates it for you automatically. All
-    #   users in the same AWS account automatically have access to use the
-    #   default CMK. Note that if an Secrets Manager API call results in AWS
-    #   having to create the account's AWS-managed CMK, it can result in a
-    #   one-time significant delay in returning the result.
+    #   users and roles in the same AWS account automatically have access to
+    #   use the default CMK. Note that if an Secrets Manager API call
+    #   results in AWS having to create the account's AWS-managed CMK, it
+    #   can result in a one-time significant delay in returning the result.
     #
     # * If the secret is in a different AWS account from the credentials
     #   calling an API that requires encryption or decryption of the secret
     #   value then you must create and use a custom AWS KMS CMK because you
     #   can't access the default CMK for the account using credentials from
@@ -2717,29 +2720,29 @@
     #   secret names that end with a hyphen followed by six characters.
     #
     #    </note>
     #
     # @option params [required, String] :version_stage
-    #   The list of staging labels to add to this version.
+    #   The staging label to add to this version.
     #
     # @option params [String] :remove_from_version_id
-    #   Specifies the secret version ID of the version that the staging labels
-    #   are to be removed from. If the staging label you are trying to attach
+    #   Specifies the secret version ID of the version that the staging label
+    #   is to be removed from. If the staging label you are trying to attach
     #   to one version is already attached to a different version, then you
     #   must include this parameter and specify the version that the label is
     #   to be removed from. If the label is attached and you either do not
     #   specify this parameter, or the version ID does not match, then the
     #   operation fails.
     #
     # @option params [String] :move_to_version_id
     #   (Optional) The secret version ID that you want to add the staging
-    #   labels to. If you want to remove a label from a version, then do not
+    #   label to. If you want to remove a label from a version, then do not
     #   specify this parameter.
     #
-    #   If any of the staging labels are already attached to a different
-    #   version of the secret, then you must also specify the
-    #   `RemoveFromVersionId` parameter.
+    #   If the staging label is already attached to a different version of the
+    #   secret, then you must also specify the `RemoveFromVersionId`
+    #   parameter.
     #
     # @return [Types::UpdateSecretVersionStageResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateSecretVersionStageResponse#arn #arn} => String
     #   * {Types::UpdateSecretVersionStageResponse#name #name} => String
@@ -2833,10 +2836,10 @@
         operation: config.api.operation(operation_name),
         client: self,
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-secretsmanager'
-      context[:gem_version] = '1.18.0'
+      context[:gem_version] = '1.19.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 
     # @api private
     # @deprecated