|
111 | 111 | ], |
112 | 112 | "traits": { |
113 | 113 | "smithy.api#documentation": "<p>Retrieves the contents of the encrypted fields <code>SecretString</code> or <code>SecretBinary</code> for up to 20 secrets. To retrieve a single secret, call <a>GetSecretValue</a>. </p>\n <p>To choose which secrets to retrieve, you can specify a list of secrets by name or ARN, or you can use filters. If Secrets Manager encounters errors such as <code>AccessDeniedException</code> while attempting to retrieve any of the secrets, you can see the errors in <code>Errors</code> in the response.</p>\n <p>Secrets Manager generates CloudTrail <code>GetSecretValue</code> log entries for each secret you request when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html\">Logging Secrets Manager events with CloudTrail</a>.</p>\n <p>\n <b>Required permissions: </b>\n <code>secretsmanager:BatchGetSecretValue</code>, and you must have <code>secretsmanager:GetSecretValue</code> for each secret. If you use filters, you must also have <code>secretsmanager:ListSecrets</code>. If the secrets are encrypted using customer-managed keys instead of the Amazon Web Services managed key \n <code>aws/secretsmanager</code>, then you also need <code>kms:Decrypt</code> permissions for the keys.\n For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions\">\n IAM policy actions for Secrets Manager</a> and <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html\">Authentication \n and access control in Secrets Manager</a>. </p>", |
| 114 | + "smithy.api#examples": [ |
| 115 | + { |
| 116 | + "title": "To retrieve the secret values for a group of secrets listed by name", |
| 117 | + "documentation": "The following example gets the values for three secrets.", |
| 118 | + "input": { |
| 119 | + "SecretIdList": ["MySecret1", "MySecret2", "MySecret3"] |
| 120 | + }, |
| 121 | + "output": { |
| 122 | + "SecretValues": [ |
| 123 | + { |
| 124 | + "ARN": "®ion-arn;&asm-service-name;:us-west-2:&ExampleAccountId;:secret:MySecret1-a1b2c3", |
| 125 | + "CreatedDate": 1.700591229801e9, |
| 126 | + "Name": "MySecret1", |
| 127 | + "SecretString": "{\"username\":\"diego_ramirez\",\"password\":\"EXAMPLE-PASSWORD\",\"engine\":\"mysql\",\"host\":\"secretsmanagertutorial.cluster.us-west-2.rds.amazonaws.com\",\"port\":3306,\"dbClusterIdentifier\":\"secretsmanagertutorial\"}", |
| 128 | + "VersionId": "a1b2c3d4-5678-90ab-cdef-EXAMPLEaaaaa", |
| 129 | + "VersionStages": ["AWSCURRENT"] |
| 130 | + }, |
| 131 | + { |
| 132 | + "ARN": "®ion-arn;&asm-service-name;:us-west-2:&ExampleAccountId;:secret:MySecret2-a1b2c3", |
| 133 | + "CreatedDate": 1.699911394105e9, |
| 134 | + "Name": "MySecret2", |
| 135 | + "SecretString": "{\"username\":\"akua_mansa\",\"password\":\"EXAMPLE-PASSWORD\"", |
| 136 | + "VersionId": "a1b2c3d4-5678-90ab-cdef-EXAMPLEbbbbb", |
| 137 | + "VersionStages": ["AWSCURRENT"] |
| 138 | + }, |
| 139 | + { |
| 140 | + "ARN": "®ion-arn;&asm-service-name;:us-west-2:&ExampleAccountId;:secret:MySecret3-a1b2c3", |
| 141 | + "CreatedDate": 1.699911394105e9, |
| 142 | + "Name": "MySecret3", |
| 143 | + "SecretString": "{\"username\":\"jie_liu\",\"password\":\"EXAMPLE-PASSWORD\"", |
| 144 | + "VersionId": "a1b2c3d4-5678-90ab-cdef-EXAMPLEccccc", |
| 145 | + "VersionStages": ["AWSCURRENT"] |
| 146 | + } |
| 147 | + ], |
| 148 | + "Errors": [] |
| 149 | + } |
| 150 | + } |
| 151 | + ], |
114 | 152 | "smithy.api#paginated": { |
115 | 153 | "inputToken": "NextToken", |
116 | 154 | "outputToken": "NextToken", |
|
692 | 730 | "LastRotatedDate": { |
693 | 731 | "target": "com.amazonaws.secretsmanager#LastRotatedDateType", |
694 | 732 | "traits": { |
695 | | - "smithy.api#documentation": "<p>The last date and time that Secrets Manager rotated the secret. \n If the secret isn't configured for rotation, Secrets Manager returns null.</p>" |
| 733 | + "smithy.api#documentation": "<p>The last date and time that Secrets Manager rotated the secret. \n If the secret isn't configured for rotation or rotation has been disabled, Secrets Manager returns null.</p>" |
696 | 734 | } |
697 | 735 | }, |
698 | 736 | "LastChangedDate": { |
|
716 | 754 | "NextRotationDate": { |
717 | 755 | "target": "com.amazonaws.secretsmanager#NextRotationDateType", |
718 | 756 | "traits": { |
719 | | - "smithy.api#documentation": "<p>The next rotation is scheduled to occur on or before this date. If the secret isn't configured for rotation, Secrets Manager returns null.</p>" |
| 757 | + "smithy.api#documentation": "<p>The next rotation is scheduled to occur on or before this date. If the secret isn't configured for rotation or rotation has been disabled, Secrets Manager returns null.</p>" |
720 | 758 | } |
721 | 759 | }, |
722 | 760 | "Tags": { |
|
951 | 989 | } |
952 | 990 | ], |
953 | 991 | "traits": { |
954 | | - "smithy.api#documentation": "<p>Generates a random password. We recommend that you specify the\n maximum length and include every character type that the system you are generating a password\n for can support.</p>\n <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html\">Logging Secrets Manager events with CloudTrail</a>.</p>\n <p>\n <b>Required permissions: </b>\n <code>secretsmanager:GetRandomPassword</code>. \n For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions\">\n IAM policy actions for Secrets Manager</a> and <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html\">Authentication \n and access control in Secrets Manager</a>. </p>", |
| 992 | + "smithy.api#documentation": "<p>Generates a random password. We recommend that you specify the\n maximum length and include every character type that the system you are generating a password\n for can support. By default, Secrets Manager uses uppercase and lowercase letters, numbers, and the following characters in passwords: <code>!\\\"#$%&'()*+,-./:;<=>?@[\\\\]^_`{|}~</code>\n </p>\n <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html\">Logging Secrets Manager events with CloudTrail</a>.</p>\n <p>\n <b>Required permissions: </b>\n <code>secretsmanager:GetRandomPassword</code>. \n For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions\">\n IAM policy actions for Secrets Manager</a> and <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html\">Authentication \n and access control in Secrets Manager</a>. </p>", |
955 | 993 | "smithy.api#examples": [ |
956 | 994 | { |
957 | 995 | "title": "To generate a random password", |
|
1222 | 1260 | "SecretBinary": { |
1223 | 1261 | "target": "com.amazonaws.secretsmanager#SecretBinaryType", |
1224 | 1262 | "traits": { |
1225 | | - "smithy.api#documentation": "<p>The decrypted secret value, if the secret value was originally provided as\n binary data in the form of a byte array. The response parameter represents the binary data as\n a <a href=\"https://tools.ietf.org/html/rfc4648#section-4\">base64-encoded</a>\n string.</p>\n <p>If the secret was created by using the Secrets Manager console, or if the secret value was \n originally provided as a string, then this field is omitted. The secret value appears in \n <code>SecretString</code> instead.</p>" |
| 1263 | + "smithy.api#documentation": "<p>The decrypted secret value, if the secret value was originally provided as\n binary data in the form of a byte array. When you retrieve a <code>SecretBinary</code> using the HTTP API, the Python SDK, or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not encoded.</p>\n <p>If the secret was created by using the Secrets Manager console, or if the secret value was \n originally provided as a string, then this field is omitted. The secret value appears in \n <code>SecretString</code> instead.</p>" |
1226 | 1264 | } |
1227 | 1265 | }, |
1228 | 1266 | "SecretString": { |
|
2055 | 2093 | } |
2056 | 2094 | ], |
2057 | 2095 | "traits": { |
2058 | | - "smithy.api#documentation": "<p>Replicates the secret to a new Regions. See <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/create-manage-multi-region-secrets.html\">Multi-Region secrets</a>.</p>\n <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html\">Logging Secrets Manager events with CloudTrail</a>.</p>\n <p>\n <b>Required permissions: </b>\n <code>secretsmanager:ReplicateSecretToRegions</code>. \n For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions\">\n IAM policy actions for Secrets Manager</a> and <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html\">Authentication \n and access control in Secrets Manager</a>. </p>", |
| 2096 | + "smithy.api#documentation": "<p>Replicates the secret to a new Regions. See <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/create-manage-multi-region-secrets.html\">Multi-Region secrets</a>.</p>\n <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html\">Logging Secrets Manager events with CloudTrail</a>.</p>\n <p>\n <b>Required permissions: </b>\n <code>secretsmanager:ReplicateSecretToRegions</code>. \n If the primary secret is encrypted with a KMS key other than <code>aws/secretsmanager</code>, you also need <code>kms:Decrypt</code> permission to the key. To encrypt the replicated secret with a KMS key other than <code>aws/secretsmanager</code>, you need <code>kms:GenerateDataKey</code> and <code>kms:Encrypt</code> to the key. For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions\">\n IAM policy actions for Secrets Manager</a> and <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html\">Authentication \n and access control in Secrets Manager</a>. </p>", |
2059 | 2097 | "smithy.api#examples": [ |
2060 | 2098 | { |
2061 | 2099 | "title": "Example", |
|
2568 | 2606 | "NextRotationDate": { |
2569 | 2607 | "target": "com.amazonaws.secretsmanager#NextRotationDateType", |
2570 | 2608 | "traits": { |
2571 | | - "smithy.api#documentation": "<p>The next rotation is scheduled to occur on or before this date. If the secret isn't configured for rotation, Secrets Manager returns null.</p>" |
| 2609 | + "smithy.api#documentation": "<p>The next rotation is scheduled to occur on or before this date. If the secret isn't configured for rotation or rotation has been disabled, Secrets Manager returns null.</p>" |
2572 | 2610 | } |
2573 | 2611 | }, |
2574 | 2612 | "Tags": { |
|
0 commit comments