lib/aws-sdk-secretsmanager/client.rb in aws-sdk-secretsmanager-1.96.0 vs lib/aws-sdk-secretsmanager/client.rb in aws-sdk-secretsmanager-1.97.0

- old
+ new

@@ -813,10 +813,15 @@ # Either `SecretString` or `SecretBinary` must have a value, but not # both. # # This parameter is not available in the Secrets Manager console. # + # Sensitive: This field contains sensitive information, so the service + # does not include it in CloudTrail log entries. If you create your own + # log entries, you must also avoid logging the information in this + # field. + # # @option params [String] :secret_string # The text data to encrypt and store in this new version of the secret. # We recommend you use a JSON structure of key/value pairs for your # secret value. # @@ -827,10 +832,15 @@ # Secrets Manager puts the protected secret text in only the # `SecretString` parameter. The Secrets Manager console stores the # information as a JSON structure of key/value pairs that a Lambda # rotation function can parse. # + # Sensitive: This field contains sensitive information, so the service + # does not include it in CloudTrail log entries. If you create your own + # log entries, you must also avoid logging the information in this + # field. + # # @option params [Array<Types::Tag>] :tags # A list of tags to attach to the secret. Each tag is a key and value # pair of strings in a JSON text string, for example: # # `[\{"Key":"CostCenter","Value":"12345"\},\{"Key":"environment","Value":"production"\}]` @@ -1499,11 +1509,12 @@ # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [5]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [required, String] :secret_id - # The ARN or name of the secret to retrieve. + # The ARN or name of the secret to retrieve. To retrieve a secret from + # another account, you must use an ARN. # # For an ARN, we recommend that you specify a complete ARN rather than a # partial ARN. See [Finding a secret from a partial ARN][1]. # # @@ -2007,13 +2018,13 @@ # fails because you can't modify an existing version; you can only # create new ones. # # Secrets Manager generates a CloudTrail log entry when you call this # action. Do not include sensitive information in request parameters - # except `SecretBinary` or `SecretString` because it might be logged. - # For more information, see [Logging Secrets Manager events with - # CloudTrail][1]. + # except `SecretBinary`, `SecretString`, or `RotationToken` because it + # might be logged. For more information, see [Logging Secrets Manager + # events with CloudTrail][1]. # # <b>Required permissions: </b> `secretsmanager:PutSecretValue`. For # more information, see [ IAM policy actions for Secrets Manager][2] and # [Authentication and access control in Secrets Manager][3]. # @@ -2085,18 +2096,28 @@ # # You must include `SecretBinary` or `SecretString`, but not both. # # You can't access this value from the Secrets Manager console. # + # Sensitive: This field contains sensitive information, so the service + # does not include it in CloudTrail log entries. If you create your own + # log entries, you must also avoid logging the information in this + # field. + # # @option params [String] :secret_string # The text to encrypt and store in the new version of the secret. # # You must include `SecretBinary` or `SecretString`, but not both. # # We recommend you create the secret string as JSON key/value pairs, as # shown in the example. # + # Sensitive: This field contains sensitive information, so the service + # does not include it in CloudTrail log entries. If you create your own + # log entries, you must also avoid logging the information in this + # field. + # # @option params [Array<String>] :version_stages # A list of staging labels to attach to this version of the secret. # Secrets Manager uses staging labels to track versions of a secret # through the rotation process. # @@ -2108,10 +2129,27 @@ # version that `AWSCURRENT` was removed from. # # If you don't include `VersionStages`, then Secrets Manager # automatically moves the staging label `AWSCURRENT` to this version. # + # @option params [String] :rotation_token + # A unique identifier that indicates the source of the request. For + # cross-account rotation (when you rotate a secret in one account by + # using a Lambda rotation function in another account) and the Lambda + # rotation function assumes an IAM role to call Secrets Manager, Secrets + # Manager validates the identity with the rotation token. For more + # information, see [How rotation works][1]. + # + # Sensitive: This field contains sensitive information, so the service + # does not include it in CloudTrail log entries. If you create your own + # log entries, you must also avoid logging the information in this + # field. + # + # + # + # [1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html + # # @return [Types::PutSecretValueResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::PutSecretValueResponse#arn #arn} => String # * {Types::PutSecretValueResponse#name #name} => String # * {Types::PutSecretValueResponse#version_id #version_id} => String @@ -2145,10 +2183,11 @@ # secret_id: "SecretIdType", # required # client_request_token: "ClientRequestTokenType", # secret_binary: "data", # secret_string: "SecretStringType", # version_stages: ["SecretVersionStageType"], + # rotation_token: "RotationTokenType", # }) # # @example Response structure # # resp.arn #=> String @@ -2938,18 +2977,28 @@ # Either `SecretBinary` or `SecretString` must have a value, but not # both. # # You can't access this parameter in the Secrets Manager console. # + # Sensitive: This field contains sensitive information, so the service + # does not include it in CloudTrail log entries. If you create your own + # log entries, you must also avoid logging the information in this + # field. + # # @option params [String] :secret_string # The text data to encrypt and store in the new version of the secret. # We recommend you use a JSON structure of key/value pairs for your # secret value. # # Either `SecretBinary` or `SecretString` must have a value, but not # both. # + # Sensitive: This field contains sensitive information, so the service + # does not include it in CloudTrail log entries. If you create your own + # log entries, you must also avoid logging the information in this + # field. + # # @return [Types::UpdateSecretResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::UpdateSecretResponse#arn #arn} => String # * {Types::UpdateSecretResponse#name #name} => String # * {Types::UpdateSecretResponse#version_id #version_id} => String @@ -3215,11 +3264,12 @@ # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html # [3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions # [4]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html # # @option params [String] :secret_id - # This field is reserved for internal use. + # The ARN or name of the secret with the resource-based policy you want + # to validate. # # @option params [required, String] :resource_policy # A JSON-formatted string that contains an Amazon Web Services # resource-based policy. The policy in the string identifies who can # access or manage this secret and its versions. For example policies, @@ -3285,10 +3335,10 @@ operation: config.api.operation(operation_name), client: self, params: params, config: config) context[:gem_name] = 'aws-sdk-secretsmanager' - context[:gem_version] = '1.96.0' + context[:gem_version] = '1.97.0' Seahorse::Client::Request.new(handlers, context) end # @api private # @deprecated