lib/aws-sdk-secretsmanager/client.rb in aws-sdk-secretsmanager-1.59.0 vs lib/aws-sdk-secretsmanager/client.rb in aws-sdk-secretsmanager-1.60.0

- old
+ new

@@ -380,19 +380,23 @@ # more information, see [ IAM policy actions for Secrets Manager][1] and # [Authentication and access control in Secrets Manager][2]. # # # - # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN or name of the secret. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @return [Types::CancelRotateSecretResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::CancelRotateSecretResponse#arn #arn} => String # * {Types::CancelRotateSecretResponse#name #name} => String # * {Types::CancelRotateSecretResponse#version_id #version_id} => String @@ -433,12 +437,13 @@ def cancel_rotate_secret(params = {}, options = {}) req = build_request(:cancel_rotate_secret, params) req.send_request(options) end - # Creates a new secret. A *secret* is a set of credentials, such as a - # user name and password, that you store in an encrypted form in Secrets + # Creates a new secret. A *secret* can be a password, a set of + # credentials such as a user name and password, an OAuth token, or other + # secret information that you store in an encrypted form in Secrets # Manager. The secret also includes the connection information to access # a database or other service, which Secrets Manager doesn't encrypt. A # secret in Secrets Manager consists of both the protected secret data # and the important information needed to manage the secret. # @@ -449,10 +454,15 @@ # in either the `SecretString` parameter or the `SecretBinary` # parameter, but not both. If you include `SecretString` or # `SecretBinary` then Secrets Manager creates an initial secret version # and automatically attaches the staging label `AWSCURRENT` to it. # + # For database credentials you want to rotate, for Secrets Manager to be + # able to rotate the secret, you must make sure the JSON you store in + # the `SecretString` matches the [JSON structure of a database + # secret][2]. + # # If you don't specify an KMS encryption key, Secrets Manager uses the # Amazon Web Services managed key `aws/secretsmanager`. If this key # doesn't already exist in your account, then Secrets Manager creates # it for you automatically. All users and roles in the Amazon Web # Services account automatically have access to use @@ -462,19 +472,26 @@ # If the secret is in a different Amazon Web Services account from the # credentials calling the API, then you can't use `aws/secretsmanager` # to encrypt the secret, and you must create and use a customer managed # KMS key. # - # <b>Required permissions: </b> `secretsmanager:CreateSecret`. For more - # information, see [ IAM policy actions for Secrets Manager][2] and - # [Authentication and access control in Secrets Manager][3]. + # <b>Required permissions: </b> `secretsmanager:CreateSecret`. If you + # include tags in the secret, you also need + # `secretsmanager:TagResource`. For more information, see [ IAM policy + # actions for Secrets Manager][3] and [Authentication and access control + # in Secrets Manager][4]. # + # To encrypt the secret with a KMS key other than `aws/secretsmanager`, + # you need `kms:GenerateDataKey` and `kms:Decrypt` permission to the + # key. # # + # # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html - # [2]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions - # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html + # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html + # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions + # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :name # The name of the new secret. # # The secret name can contain ASCII letters, numbers, and the following @@ -710,20 +727,24 @@ # For more information, see [ IAM policy actions for Secrets Manager][1] # and [Authentication and access control in Secrets Manager][2]. # # # - # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN or name of the secret to delete the attached resource-based # policy for. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @return [Types::DeleteResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DeleteResourcePolicyResponse#arn #arn} => String # * {Types::DeleteResourcePolicyResponse#name #name} => String # @@ -789,19 +810,23 @@ # [Authentication and access control in Secrets Manager][3]. # # # # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_delete-secret.html - # [2]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN or name of the secret to delete. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @option params [Integer] :recovery_window_in_days # The number of days from 7 to 30 that Secrets Manager waits before # permanently deleting the secret. You can't use both this parameter # and `ForceDeleteWithoutRecovery` in the same call. If you don't use # either, then Secrets Manager defaults to a 30 day recovery window. @@ -881,19 +906,23 @@ # more information, see [ IAM policy actions for Secrets Manager][1] and # [Authentication and access control in Secrets Manager][2]. # # # - # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN or name of the secret. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @return [Types::DescribeSecretResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DescribeSecretResponse#arn #arn} => String # * {Types::DescribeSecretResponse#name #name} => String # * {Types::DescribeSecretResponse#description #description} => String @@ -1011,11 +1040,11 @@ # more information, see [ IAM policy actions for Secrets Manager][1] and # [Authentication and access control in Secrets Manager][2]. # # # - # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [Integer] :password_length # The length of the password. If you don't include this parameter, the # default length is 32 characters. @@ -1109,20 +1138,24 @@ # [Authentication and access control in Secrets Manager][3]. # # # # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-policies.html - # [2]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN or name of the secret to retrieve the attached resource-based # policy for. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @return [Types::GetResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::GetResourcePolicyResponse#arn #arn} => String # * {Types::GetResourcePolicyResponse#name #name} => String # * {Types::GetResourcePolicyResponse#resource_policy #resource_policy} => String @@ -1180,19 +1213,23 @@ # access control in Secrets Manager][3]. # # # # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html - # [2]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN or name of the secret to retrieve. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @option params [String] :version_id # The unique identifier of the version of the secret to retrieve. If you # include both this parameter and `VersionStage`, the two parameters # must refer to the same secret version. If you don't specify either a # `VersionStage` or `VersionId`, then Secrets Manager returns the @@ -1284,19 +1321,23 @@ # For more information, see [ IAM policy actions for Secrets Manager][1] # and [Authentication and access control in Secrets Manager][2]. # # # - # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN or name of the secret whose versions you want to list. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @option params [Integer] :max_results # The number of results to include in the response. # # If there are more results available, in the response, Secrets Manager # includes `NextToken`. To get the next results, call @@ -1407,11 +1448,11 @@ # [Authentication and access control in Secrets Manager][3]. # # # # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_search-secret.html - # [2]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [Integer] :max_results # The number of results to include in the response. # @@ -1536,18 +1577,22 @@ # # # # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html - # [3]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # # @option params [required, String] :secret_id # The ARN or name of the secret to attach the resource-based policy. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @option params [required, String] :resource_policy # A JSON-formatted string for an Amazon Web Services resource-based # policy. For example policies, see [Permissions policy examples][1]. # # @@ -1639,21 +1684,25 @@ # more information, see [ IAM policy actions for Secrets Manager][1] and # [Authentication and access control in Secrets Manager][2]. # # # - # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN or name of the secret to add a new version to. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # # If the secret doesn't already exist, use `CreateSecret` instead. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @option params [String] :client_request_token # A unique identifier for the new version of the secret. # # <note markdown="1"> If you use the Amazon Web Services CLI or one of the Amazon Web # Services SDKs to call this operation, then you can leave this @@ -1790,11 +1839,11 @@ # see [ IAM policy actions for Secrets Manager][1] and [Authentication # and access control in Secrets Manager][2]. # # # - # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN or name of the secret. # @@ -1840,11 +1889,11 @@ # access control in Secrets Manager][3]. # # # # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/create-manage-multi-region-secrets.html - # [2]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN or name of the secret to replicate. # @@ -1900,19 +1949,23 @@ # information, see [ IAM policy actions for Secrets Manager][1] and # [Authentication and access control in Secrets Manager][2]. # # # - # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN or name of the secret to restore. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @return [Types::RestoreSecretResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::RestoreSecretResponse#arn #arn} => String # * {Types::RestoreSecretResponse#name #name} => String # @@ -1950,54 +2003,70 @@ req = build_request(:restore_secret, params) req.send_request(options) end # Configures and starts the asynchronous process of rotating the secret. + # For more information about rotation, see [Rotate secrets][1]. # # If you include the configuration parameters, the operation sets the # values for the secret and then immediately starts a rotation. If you # don't include the configuration parameters, the operation starts a - # rotation with the values already stored in the secret. For more - # information about rotation, see [Rotate secrets][1]. + # rotation with the values already stored in the secret. # - # To configure rotation, you include the ARN of an Amazon Web Services + # For database credentials you want to rotate, for Secrets Manager to be + # able to rotate the secret, you must make sure the secret value is in + # the [ JSON structure of a database secret][2]. In particular, if you + # want to use the [ alternating users strategy][3], your secret must + # contain the ARN of a superuser secret. + # + # To configure rotation, you also need the ARN of an Amazon Web Services # Lambda function and the schedule for the rotation. The Lambda rotation # function creates a new version of the secret and creates or updates # the credentials on the database or service to match. After testing the # new credentials, the function marks the new secret version with the # staging label `AWSCURRENT`. Then anyone who retrieves the secret gets - # the new version. For more information, see [How rotation works][2]. + # the new version. For more information, see [How rotation works][4]. # + # You can create the Lambda rotation function based on the [rotation + # function templates][5] that Secrets Manager provides. Choose a + # template that matches your [Rotation strategy][6]. + # # When rotation is successful, the `AWSPENDING` staging label might be # attached to the same version as the `AWSCURRENT` version, or it might - # not be attached to any version. + # not be attached to any version. If the `AWSPENDING` staging label is + # present but not attached to the same version as `AWSCURRENT`, then any + # later invocation of `RotateSecret` assumes that a previous rotation + # request is still in progress and returns an error. # - # If the `AWSPENDING` staging label is present but not attached to the - # same version as `AWSCURRENT`, then any later invocation of - # `RotateSecret` assumes that a previous rotation request is still in - # progress and returns an error. - # # <b>Required permissions: </b> `secretsmanager:RotateSecret`. For more - # information, see [ IAM policy actions for Secrets Manager][3] and - # [Authentication and access control in Secrets Manager][4]. You also + # information, see [ IAM policy actions for Secrets Manager][7] and + # [Authentication and access control in Secrets Manager][8]. You also # need `lambda:InvokeFunction` permissions on the rotation function. For - # more information, see [ Permissions for rotation][5]. + # more information, see [ Permissions for rotation][9]. # # # # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html - # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html - # [3]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions - # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html - # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html + # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html + # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users + # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html + # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html + # [6]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html + # [7]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions + # [8]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html + # [9]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html # # @option params [required, String] :secret_id # The ARN or name of the secret to rotate. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @option params [String] :client_request_token # A unique identifier for the new version of the secret that helps # ensure idempotency. Secrets Manager uses this value to prevent the # accidental creation of duplicate versions if there are failures and # retries during rotation. This value becomes the `VersionId` of the new @@ -2092,11 +2161,11 @@ # IAM policy actions for Secrets Manager][1] and [Authentication and # access control in Secrets Manager][2]. # # # - # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN of the primary secret. # @@ -2158,21 +2227,25 @@ # information, see [ IAM policy actions for Secrets Manager][1] and # [Authentication and access control in Secrets Manager][2]. # # # - # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The identifier for the secret to attach tags to. You can specify # either the Amazon Resource Name (ARN) or the friendly name of the # secret. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @option params [required, Array<Types::Tag>] :tags # The tags to attach to the secret as a JSON text string argument. Each # element in the list consists of a `Key` and a `Value`. # # For storing multiple values, we recommend that you use a JSON text @@ -2241,19 +2314,23 @@ # information, see [ IAM policy actions for Secrets Manager][1] and # [Authentication and access control in Secrets Manager][2]. # # # - # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN or name of the secret. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @option params [required, Array<String>] :tag_keys # A list of tag key names to remove from the secret. You don't specify # the value. Both the key and its associated value are removed. # # This parameter requires a JSON text string argument. @@ -2344,20 +2421,24 @@ # `kms:Decrypt` permissions on the key. For more information, see [ # Secret encryption and decryption][3]. # # # - # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/security-encryption.html # # @option params [required, String] :secret_id # The ARN or name of the secret. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @option params [String] :client_request_token # If you include `SecretString` or `SecretBinary`, then Secrets Manager # creates a new version for the secret, and this parameter specifies the # unique identifier for the new version. # @@ -2530,20 +2611,24 @@ # access control in Secrets Manager][3]. # # # # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version - # [2]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id # The ARN or the name of the secret with the version and staging # labelsto modify. # # For an ARN, we recommend that you specify a complete ARN rather than a - # partial ARN. + # partial ARN. See [Finding a secret from a partial ARN][1]. # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen + # # @option params [required, String] :version_stage # The staging label to add to this version. # # @option params [String] :remove_from_version_id # The ID of the version that the staging label is to be removed from. If @@ -2663,11 +2748,11 @@ # and [Authentication and access control in Secrets Manager][3]. # # # # [1]: https://aws.amazon.com/blogs/security/protect-sensitive-data-in-the-cloud-with-automated-reasoning-zelkova/ - # [2]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions + # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [String] :secret_id # This field is reserved for internal use. # @@ -2737,10 +2822,10 @@ operation: config.api.operation(operation_name), client: self, params: params, config: config) context[:gem_name] = 'aws-sdk-secretsmanager' - context[:gem_version] = '1.59.0' + context[:gem_version] = '1.60.0' Seahorse::Client::Request.new(handlers, context) end # @api private # @deprecated