lib/aws-sdk-secretsmanager/client.rb in aws-sdk-secretsmanager-1.80.0 vs lib/aws-sdk-secretsmanager/client.rb in aws-sdk-secretsmanager-1.81.0

@@ -825,11 +825,11 @@
     #     secret_id: "MyTestDatabaseSecret", 
     #   })
     #
     #   resp.to_h outputs the following:
     #   {
-    #     arn: "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseMasterSecret-a1b2c3", 
+    #     arn: "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-a1b2c3", 
     #     name: "MyTestDatabaseSecret", 
     #   }
     #
     # @example Request syntax with placeholder values
     #
@@ -2666,13 +2666,16 @@
     # CloudTrail][2].
     #
     # <b>Required permissions: </b> `secretsmanager:UpdateSecret`. For more
     # information, see [ IAM policy actions for Secrets Manager][3] and
     # [Authentication and access control in Secrets Manager][4]. If you use
-    # a customer managed key, you must also have `kms:GenerateDataKey` and
-    # `kms:Decrypt` permissions on the key. For more information, see [
-    # Secret encryption and decryption][5].
+    # a customer managed key, you must also have `kms:GenerateDataKey`,
+    # `kms:Encrypt`, and `kms:Decrypt` permissions on the key. If you change
+    # the KMS key and you don't have `kms:Encrypt` permission to the new
+    # key, Secrets Manager does not re-ecrypt existing secret versions with
+    # the new key. For more information, see [ Secret encryption and
+    # decryption][5].
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html
     # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html
@@ -2715,11 +2718,13 @@
     #   The description of the secret.
     #
     # @option params [String] :kms_key_id
     #   The ARN, key ID, or alias of the KMS key that Secrets Manager uses to
     #   encrypt new secret versions as well as any existing versions with the
-    #   staging labels `AWSCURRENT`, `AWSPENDING`, or `AWSPREVIOUS`. For more
+    #   staging labels `AWSCURRENT`, `AWSPENDING`, or `AWSPREVIOUS`. If you
+    #   don't have `kms:Encrypt` permission to the new key, Secrets Manager
+    #   does not re-ecrypt existing secret versions with the new key. For more
     #   information about versions and staging labels, see [Concepts:
     #   Version][1].
     #
     #   A key alias is always prefixed by `alias/`, for example
     #   `alias/aws/secretsmanager`. For more information, see [About
@@ -3101,10 +3106,10 @@
         operation: config.api.operation(operation_name),
         client: self,
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-secretsmanager'
-      context[:gem_version] = '1.80.0'
+      context[:gem_version] = '1.81.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 
     # @api private
     # @deprecated