func FilterNameStringType_Values() []string
FilterNameStringType_Values returns all elements of the FilterNameStringType enum
func SortOrderType_Values() []string
SortOrderType_Values returns all elements of the SortOrderType enum
func StatusType_Values() []string
StatusType_Values returns all elements of the StatusType enum
type APIErrorType struct { // The error Secrets Manager encountered while retrieving an individual secret // as part of BatchGetSecretValue, for example ResourceNotFoundException,InvalidParameterException, // InvalidRequestException, DecryptionFailure, or AccessDeniedException. ErrorCode *string `type:"string"` // A message describing the error. Message *string `type:"string"` // The ARN or name of the secret. SecretId *string `min:"1" type:"string"` // contains filtered or unexported fields }
The error Secrets Manager encountered while retrieving an individual secret as part of BatchGetSecretValue.
func (s APIErrorType) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *APIErrorType) SetErrorCode(v string) *APIErrorType
SetErrorCode sets the ErrorCode field's value.
func (s *APIErrorType) SetMessage(v string) *APIErrorType
SetMessage sets the Message field's value.
func (s *APIErrorType) SetSecretId(v string) *APIErrorType
SetSecretId sets the SecretId field's value.
func (s APIErrorType) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type BatchGetSecretValueInput struct { // The filters to choose which secrets to retrieve. You must include Filters // or SecretIdList, but not both. Filters []*Filter `type:"list"` // The number of results to include in the response. // // If there are more results available, in the response, Secrets Manager includes // NextToken. To get the next results, call BatchGetSecretValue again with the // value from NextToken. To use this parameter, you must also use the Filters // parameter. MaxResults *int64 `min:"1" type:"integer"` // A token that indicates where the output should continue from, if a previous // call did not show all results. To get the next results, call BatchGetSecretValue // again with this value. NextToken *string `min:"1" type:"string"` // The ARN or names of the secrets to retrieve. You must include Filters or // SecretIdList, but not both. SecretIdList []*string `min:"1" type:"list"` // contains filtered or unexported fields }
func (s BatchGetSecretValueInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *BatchGetSecretValueInput) SetFilters(v []*Filter) *BatchGetSecretValueInput
SetFilters sets the Filters field's value.
func (s *BatchGetSecretValueInput) SetMaxResults(v int64) *BatchGetSecretValueInput
SetMaxResults sets the MaxResults field's value.
func (s *BatchGetSecretValueInput) SetNextToken(v string) *BatchGetSecretValueInput
SetNextToken sets the NextToken field's value.
func (s *BatchGetSecretValueInput) SetSecretIdList(v []*string) *BatchGetSecretValueInput
SetSecretIdList sets the SecretIdList field's value.
func (s BatchGetSecretValueInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *BatchGetSecretValueInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type BatchGetSecretValueOutput struct { // A list of errors Secrets Manager encountered while attempting to retrieve // individual secrets. Errors []*APIErrorType `type:"list"` // Secrets Manager includes this value if there's more output available than // what is included in the current response. This can occur even when the response // includes no values at all, such as when you ask for a filtered view of a // long list. To get the next results, call BatchGetSecretValue again with this // value. NextToken *string `min:"1" type:"string"` // A list of secret values. SecretValues []*SecretValueEntry `type:"list"` // contains filtered or unexported fields }
func (s BatchGetSecretValueOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *BatchGetSecretValueOutput) SetErrors(v []*APIErrorType) *BatchGetSecretValueOutput
SetErrors sets the Errors field's value.
func (s *BatchGetSecretValueOutput) SetNextToken(v string) *BatchGetSecretValueOutput
SetNextToken sets the NextToken field's value.
func (s *BatchGetSecretValueOutput) SetSecretValues(v []*SecretValueEntry) *BatchGetSecretValueOutput
SetSecretValues sets the SecretValues field's value.
func (s BatchGetSecretValueOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type CancelRotateSecretInput struct { // The ARN or name of the secret. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // contains filtered or unexported fields }
func (s CancelRotateSecretInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *CancelRotateSecretInput) SetSecretId(v string) *CancelRotateSecretInput
SetSecretId sets the SecretId field's value.
func (s CancelRotateSecretInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *CancelRotateSecretInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type CancelRotateSecretOutput struct { // The ARN of the secret. ARN *string `min:"20" type:"string"` // The name of the secret. Name *string `min:"1" type:"string"` // The unique identifier of the version of the secret created during the rotation. // This version might not be complete, and should be evaluated for possible // deletion. We recommend that you remove the VersionStage value AWSPENDING // from this version so that Secrets Manager can delete it. Failing to clean // up a cancelled rotation can block you from starting future rotations. VersionId *string `min:"32" type:"string"` // contains filtered or unexported fields }
func (s CancelRotateSecretOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *CancelRotateSecretOutput) SetARN(v string) *CancelRotateSecretOutput
SetARN sets the ARN field's value.
func (s *CancelRotateSecretOutput) SetName(v string) *CancelRotateSecretOutput
SetName sets the Name field's value.
func (s *CancelRotateSecretOutput) SetVersionId(v string) *CancelRotateSecretOutput
SetVersionId sets the VersionId field's value.
func (s CancelRotateSecretOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type CreateSecretInput struct { // A list of Regions and KMS keys to replicate secrets. AddReplicaRegions []*ReplicaRegionType `min:"1" type:"list"` // If you include SecretString or SecretBinary, then Secrets Manager creates // an initial version for the secret, and this parameter specifies the unique // identifier for the new version. // // If you use the Amazon Web Services CLI or one of the Amazon Web Services // SDKs to call this operation, then you can leave this parameter empty. The // CLI or SDK generates a random UUID for you and includes it as the value for // this parameter in the request. // // If you generate a raw HTTP request to the Secrets Manager service endpoint, // then you must generate a ClientRequestToken and include it in the request. // // This value helps ensure idempotency. Secrets Manager uses this value to prevent // the accidental creation of duplicate versions if there are failures and retries // during a rotation. We recommend that you generate a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) // value to ensure uniqueness of your versions within the specified secret. // // * If the ClientRequestToken value isn't already associated with a version // of the secret then a new version of the secret is created. // // * If a version with this value already exists and the version SecretString // and SecretBinary values are the same as those in the request, then the // request is ignored. // // * If a version with this value already exists and that version's SecretString // and SecretBinary values are different from those in the request, then // the request fails because you cannot modify an existing version. Instead, // use PutSecretValue to create a new version. // // This value becomes the VersionId of the new version. ClientRequestToken *string `min:"32" type:"string" idempotencyToken:"true"` // The description of the secret. Description *string `type:"string"` // Specifies whether to overwrite a secret with the same name in the destination // Region. By default, secrets aren't overwritten. ForceOverwriteReplicaSecret *bool `type:"boolean"` // The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt // the secret value in the secret. An alias is always prefixed by alias/, for // example alias/aws/secretsmanager. For more information, see About aliases // (https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html). // // To use a KMS key in a different account, use the key ARN or the alias ARN. // // If you don't specify this value, then Secrets Manager uses the key aws/secretsmanager. // If that key doesn't yet exist, then Secrets Manager creates it for you automatically // the first time it encrypts the secret value. // // If the secret is in a different Amazon Web Services account from the credentials // calling the API, then you can't use aws/secretsmanager to encrypt the secret, // and you must create and use a customer managed KMS key. KmsKeyId *string `type:"string"` // The name of the new secret. // // The secret name can contain ASCII letters, numbers, and the following characters: // /_+=.@- // // Do not end your secret name with a hyphen followed by six characters. If // you do so, you risk confusion and unexpected results when searching for a // secret by partial ARN. Secrets Manager automatically adds a hyphen and six // random characters after the secret name at the end of the ARN. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` // The binary data to encrypt and store in the new version of the secret. We // recommend that you store your binary data in a file and then pass the contents // of the file as a parameter. // // Either SecretString or SecretBinary must have a value, but not both. // // This parameter is not available in the Secrets Manager console. // // Sensitive: This field contains sensitive information, so the service does // not include it in CloudTrail log entries. If you create your own log entries, // you must also avoid logging the information in this field. // // SecretBinary is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CreateSecretInput's // String and GoString methods. // // SecretBinary is automatically base64 encoded/decoded by the SDK. SecretBinary []byte `min:"1" type:"blob" sensitive:"true"` // The text data to encrypt and store in this new version of the secret. We // recommend you use a JSON structure of key/value pairs for your secret value. // // Either SecretString or SecretBinary must have a value, but not both. // // If you create a secret by using the Secrets Manager console then Secrets // Manager puts the protected secret text in only the SecretString parameter. // The Secrets Manager console stores the information as a JSON structure of // key/value pairs that a Lambda rotation function can parse. // // Sensitive: This field contains sensitive information, so the service does // not include it in CloudTrail log entries. If you create your own log entries, // you must also avoid logging the information in this field. // // SecretString is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CreateSecretInput's // String and GoString methods. SecretString *string `min:"1" type:"string" sensitive:"true"` // A list of tags to attach to the secret. Each tag is a key and value pair // of strings in a JSON text string, for example: // // [{"Key":"CostCenter","Value":"12345"},{"Key":"environment","Value":"production"}] // // Secrets Manager tag key names are case sensitive. A tag with the key "ABC" // is a different tag from one with key "abc". // // If you check tags in permissions policies as part of your security strategy, // then adding or removing a tag can change permissions. If the completion of // this operation would result in you losing your permissions for this secret, // then Secrets Manager blocks the operation and returns an Access Denied error. // For more information, see Control access to secrets using tags (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) // and Limit access to identities with tags that match secrets' tags (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2). // // For information about how to format a JSON parameter for the various command // line tool environments, see Using JSON for Parameters (https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json). // If your command-line tool or SDK requires quotation marks around the parameter, // you should use single quotes to avoid confusion with the double quotes required // in the JSON text. // // For tag quotas and naming restrictions, see Service quotas for Tagging (https://docs.aws.amazon.com/general/latest/gr/arg.html#taged-reference-quotas) // in the Amazon Web Services General Reference guide. Tags []*Tag `type:"list"` // contains filtered or unexported fields }
func (s CreateSecretInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *CreateSecretInput) SetAddReplicaRegions(v []*ReplicaRegionType) *CreateSecretInput
SetAddReplicaRegions sets the AddReplicaRegions field's value.
func (s *CreateSecretInput) SetClientRequestToken(v string) *CreateSecretInput
SetClientRequestToken sets the ClientRequestToken field's value.
func (s *CreateSecretInput) SetDescription(v string) *CreateSecretInput
SetDescription sets the Description field's value.
func (s *CreateSecretInput) SetForceOverwriteReplicaSecret(v bool) *CreateSecretInput
SetForceOverwriteReplicaSecret sets the ForceOverwriteReplicaSecret field's value.
func (s *CreateSecretInput) SetKmsKeyId(v string) *CreateSecretInput
SetKmsKeyId sets the KmsKeyId field's value.
func (s *CreateSecretInput) SetName(v string) *CreateSecretInput
SetName sets the Name field's value.
func (s *CreateSecretInput) SetSecretBinary(v []byte) *CreateSecretInput
SetSecretBinary sets the SecretBinary field's value.
func (s *CreateSecretInput) SetSecretString(v string) *CreateSecretInput
SetSecretString sets the SecretString field's value.
func (s *CreateSecretInput) SetTags(v []*Tag) *CreateSecretInput
SetTags sets the Tags field's value.
func (s CreateSecretInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *CreateSecretInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type CreateSecretOutput struct { // The ARN of the new secret. The ARN includes the name of the secret followed // by six random characters. This ensures that if you create a new secret with // the same name as a deleted secret, then users with access to the old secret // don't get access to the new secret because the ARNs are different. ARN *string `min:"20" type:"string"` // The name of the new secret. Name *string `min:"1" type:"string"` // A list of the replicas of this secret and their status: // // * Failed, which indicates that the replica was not created. // // * InProgress, which indicates that Secrets Manager is in the process of // creating the replica. // // * InSync, which indicates that the replica was created. ReplicationStatus []*ReplicationStatusType `type:"list"` // The unique identifier associated with the version of the new secret. VersionId *string `min:"32" type:"string"` // contains filtered or unexported fields }
func (s CreateSecretOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *CreateSecretOutput) SetARN(v string) *CreateSecretOutput
SetARN sets the ARN field's value.
func (s *CreateSecretOutput) SetName(v string) *CreateSecretOutput
SetName sets the Name field's value.
func (s *CreateSecretOutput) SetReplicationStatus(v []*ReplicationStatusType) *CreateSecretOutput
SetReplicationStatus sets the ReplicationStatus field's value.
func (s *CreateSecretOutput) SetVersionId(v string) *CreateSecretOutput
SetVersionId sets the VersionId field's value.
func (s CreateSecretOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type DecryptionFailure struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"Message" type:"string"` // contains filtered or unexported fields }
Secrets Manager can't decrypt the protected secret text using the provided KMS key.
func (s *DecryptionFailure) Code() string
Code returns the exception type name.
func (s *DecryptionFailure) Error() string
func (s DecryptionFailure) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *DecryptionFailure) Message() string
Message returns the exception's message.
func (s *DecryptionFailure) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (s *DecryptionFailure) RequestID() string
RequestID returns the service's response RequestID for request.
func (s *DecryptionFailure) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (s DecryptionFailure) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type DeleteResourcePolicyInput struct { // The ARN or name of the secret to delete the attached resource-based policy // for. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // contains filtered or unexported fields }
func (s DeleteResourcePolicyInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *DeleteResourcePolicyInput) SetSecretId(v string) *DeleteResourcePolicyInput
SetSecretId sets the SecretId field's value.
func (s DeleteResourcePolicyInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *DeleteResourcePolicyInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type DeleteResourcePolicyOutput struct { // The ARN of the secret that the resource-based policy was deleted for. ARN *string `min:"20" type:"string"` // The name of the secret that the resource-based policy was deleted for. Name *string `min:"1" type:"string"` // contains filtered or unexported fields }
func (s DeleteResourcePolicyOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *DeleteResourcePolicyOutput) SetARN(v string) *DeleteResourcePolicyOutput
SetARN sets the ARN field's value.
func (s *DeleteResourcePolicyOutput) SetName(v string) *DeleteResourcePolicyOutput
SetName sets the Name field's value.
func (s DeleteResourcePolicyOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type DeleteSecretInput struct { // Specifies whether to delete the secret without any recovery window. You can't // use both this parameter and RecoveryWindowInDays in the same call. If you // don't use either, then by default Secrets Manager uses a 30 day recovery // window. // // Secrets Manager performs the actual deletion with an asynchronous background // process, so there might be a short delay before the secret is permanently // deleted. If you delete a secret and then immediately create a secret with // the same name, use appropriate back off and retry logic. // // If you forcibly delete an already deleted or nonexistent secret, the operation // does not return ResourceNotFoundException. // // Use this parameter with caution. This parameter causes the operation to skip // the normal recovery window before the permanent deletion that Secrets Manager // would normally impose with the RecoveryWindowInDays parameter. If you delete // a secret with the ForceDeleteWithoutRecovery parameter, then you have no // opportunity to recover the secret. You lose the secret permanently. ForceDeleteWithoutRecovery *bool `type:"boolean"` // The number of days from 7 to 30 that Secrets Manager waits before permanently // deleting the secret. You can't use both this parameter and ForceDeleteWithoutRecovery // in the same call. If you don't use either, then by default Secrets Manager // uses a 30 day recovery window. RecoveryWindowInDays *int64 `type:"long"` // The ARN or name of the secret to delete. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // contains filtered or unexported fields }
func (s DeleteSecretInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *DeleteSecretInput) SetForceDeleteWithoutRecovery(v bool) *DeleteSecretInput
SetForceDeleteWithoutRecovery sets the ForceDeleteWithoutRecovery field's value.
func (s *DeleteSecretInput) SetRecoveryWindowInDays(v int64) *DeleteSecretInput
SetRecoveryWindowInDays sets the RecoveryWindowInDays field's value.
func (s *DeleteSecretInput) SetSecretId(v string) *DeleteSecretInput
SetSecretId sets the SecretId field's value.
func (s DeleteSecretInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *DeleteSecretInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type DeleteSecretOutput struct { // The ARN of the secret. ARN *string `min:"20" type:"string"` // The date and time after which this secret Secrets Manager can permanently // delete this secret, and it can no longer be restored. This value is the date // and time of the delete request plus the number of days in RecoveryWindowInDays. DeletionDate *time.Time `type:"timestamp"` // The name of the secret. Name *string `min:"1" type:"string"` // contains filtered or unexported fields }
func (s DeleteSecretOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *DeleteSecretOutput) SetARN(v string) *DeleteSecretOutput
SetARN sets the ARN field's value.
func (s *DeleteSecretOutput) SetDeletionDate(v time.Time) *DeleteSecretOutput
SetDeletionDate sets the DeletionDate field's value.
func (s *DeleteSecretOutput) SetName(v string) *DeleteSecretOutput
SetName sets the Name field's value.
func (s DeleteSecretOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type DescribeSecretInput struct { // The ARN or name of the secret. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // contains filtered or unexported fields }
func (s DescribeSecretInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *DescribeSecretInput) SetSecretId(v string) *DescribeSecretInput
SetSecretId sets the SecretId field's value.
func (s DescribeSecretInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *DescribeSecretInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type DescribeSecretOutput struct { // The ARN of the secret. ARN *string `min:"20" type:"string"` // The date the secret was created. CreatedDate *time.Time `type:"timestamp"` // The date the secret is scheduled for deletion. If it is not scheduled for // deletion, this field is omitted. When you delete a secret, Secrets Manager // requires a recovery window of at least 7 days before deleting the secret. // Some time after the deleted date, Secrets Manager deletes the secret, including // all of its versions. // // If a secret is scheduled for deletion, then its details, including the encrypted // secret value, is not accessible. To cancel a scheduled deletion and restore // access to the secret, use RestoreSecret. DeletedDate *time.Time `type:"timestamp"` // The description of the secret. Description *string `type:"string"` // The key ID or alias ARN of the KMS key that Secrets Manager uses to encrypt // the secret value. If the secret is encrypted with the Amazon Web Services // managed key aws/secretsmanager, this field is omitted. Secrets created using // the console use an KMS key ID. KmsKeyId *string `type:"string"` // The date that the secret was last accessed in the Region. This field is omitted // if the secret has never been retrieved in the Region. LastAccessedDate *time.Time `type:"timestamp"` // The last date and time that this secret was modified in any way. LastChangedDate *time.Time `type:"timestamp"` // The last date and time that Secrets Manager rotated the secret. If the secret // isn't configured for rotation or rotation has been disabled, Secrets Manager // returns null. LastRotatedDate *time.Time `type:"timestamp"` // The name of the secret. Name *string `min:"1" type:"string"` // The next rotation is scheduled to occur on or before this date. If the secret // isn't configured for rotation or rotation has been disabled, Secrets Manager // returns null. If rotation fails, Secrets Manager retries the entire rotation // process multiple times. If rotation is unsuccessful, this date may be in // the past. // // This date represents the latest date that rotation will occur, but it is // not an approximate rotation date. In some cases, for example if you turn // off automatic rotation and then turn it back on, the next rotation may occur // much sooner than this date. NextRotationDate *time.Time `type:"timestamp"` // The ID of the service that created this secret. For more information, see // Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html). OwningService *string `min:"1" type:"string"` // The Region the secret is in. If a secret is replicated to other Regions, // the replicas are listed in ReplicationStatus. PrimaryRegion *string `min:"1" type:"string"` // A list of the replicas of this secret and their status: // // * Failed, which indicates that the replica was not created. // // * InProgress, which indicates that Secrets Manager is in the process of // creating the replica. // // * InSync, which indicates that the replica was created. ReplicationStatus []*ReplicationStatusType `type:"list"` // Specifies whether automatic rotation is turned on for this secret. If the // secret has never been configured for rotation, Secrets Manager returns null. // // To turn on rotation, use RotateSecret. To turn off rotation, use CancelRotateSecret. RotationEnabled *bool `type:"boolean"` // The ARN of the Lambda function that Secrets Manager invokes to rotate the // secret. RotationLambdaARN *string `type:"string"` // The rotation schedule and Lambda function for this secret. If the secret // previously had rotation turned on, but it is now turned off, this field shows // the previous rotation schedule and rotation function. If the secret never // had rotation turned on, this field is omitted. RotationRules *RotationRulesType `type:"structure"` // The list of tags attached to the secret. To add tags to a secret, use TagResource. // To remove tags, use UntagResource. Tags []*Tag `type:"list"` // A list of the versions of the secret that have staging labels attached. Versions // that don't have staging labels are considered deprecated and Secrets Manager // can delete them. // // Secrets Manager uses staging labels to indicate the status of a secret version // during rotation. The three staging labels for rotation are: // // * AWSCURRENT, which indicates the current version of the secret. // // * AWSPENDING, which indicates the version of the secret that contains // new secret information that will become the next current version when // rotation finishes. During rotation, Secrets Manager creates an AWSPENDING // version ID before creating the new secret version. To check if a secret // version exists, call GetSecretValue. // // * AWSPREVIOUS, which indicates the previous current version of the secret. // You can use this as the last known good version. // // For more information about rotation and staging labels, see How rotation // works (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html). VersionIdsToStages map[string][]*string `type:"map"` // contains filtered or unexported fields }
func (s DescribeSecretOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *DescribeSecretOutput) SetARN(v string) *DescribeSecretOutput
SetARN sets the ARN field's value.
func (s *DescribeSecretOutput) SetCreatedDate(v time.Time) *DescribeSecretOutput
SetCreatedDate sets the CreatedDate field's value.
func (s *DescribeSecretOutput) SetDeletedDate(v time.Time) *DescribeSecretOutput
SetDeletedDate sets the DeletedDate field's value.
func (s *DescribeSecretOutput) SetDescription(v string) *DescribeSecretOutput
SetDescription sets the Description field's value.
func (s *DescribeSecretOutput) SetKmsKeyId(v string) *DescribeSecretOutput
SetKmsKeyId sets the KmsKeyId field's value.
func (s *DescribeSecretOutput) SetLastAccessedDate(v time.Time) *DescribeSecretOutput
SetLastAccessedDate sets the LastAccessedDate field's value.
func (s *DescribeSecretOutput) SetLastChangedDate(v time.Time) *DescribeSecretOutput
SetLastChangedDate sets the LastChangedDate field's value.
func (s *DescribeSecretOutput) SetLastRotatedDate(v time.Time) *DescribeSecretOutput
SetLastRotatedDate sets the LastRotatedDate field's value.
func (s *DescribeSecretOutput) SetName(v string) *DescribeSecretOutput
SetName sets the Name field's value.
func (s *DescribeSecretOutput) SetNextRotationDate(v time.Time) *DescribeSecretOutput
SetNextRotationDate sets the NextRotationDate field's value.
func (s *DescribeSecretOutput) SetOwningService(v string) *DescribeSecretOutput
SetOwningService sets the OwningService field's value.
func (s *DescribeSecretOutput) SetPrimaryRegion(v string) *DescribeSecretOutput
SetPrimaryRegion sets the PrimaryRegion field's value.
func (s *DescribeSecretOutput) SetReplicationStatus(v []*ReplicationStatusType) *DescribeSecretOutput
SetReplicationStatus sets the ReplicationStatus field's value.
func (s *DescribeSecretOutput) SetRotationEnabled(v bool) *DescribeSecretOutput
SetRotationEnabled sets the RotationEnabled field's value.
func (s *DescribeSecretOutput) SetRotationLambdaARN(v string) *DescribeSecretOutput
SetRotationLambdaARN sets the RotationLambdaARN field's value.
func (s *DescribeSecretOutput) SetRotationRules(v *RotationRulesType) *DescribeSecretOutput
SetRotationRules sets the RotationRules field's value.
func (s *DescribeSecretOutput) SetTags(v []*Tag) *DescribeSecretOutput
SetTags sets the Tags field's value.
func (s *DescribeSecretOutput) SetVersionIdsToStages(v map[string][]*string) *DescribeSecretOutput
SetVersionIdsToStages sets the VersionIdsToStages field's value.
func (s DescribeSecretOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type EncryptionFailure struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"Message" type:"string"` // contains filtered or unexported fields }
Secrets Manager can't encrypt the protected secret text using the provided KMS key. Check that the KMS key is available, enabled, and not in an invalid state. For more information, see Key state: Effect on your KMS key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html).
func (s *EncryptionFailure) Code() string
Code returns the exception type name.
func (s *EncryptionFailure) Error() string
func (s EncryptionFailure) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *EncryptionFailure) Message() string
Message returns the exception's message.
func (s *EncryptionFailure) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (s *EncryptionFailure) RequestID() string
RequestID returns the service's response RequestID for request.
func (s *EncryptionFailure) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (s EncryptionFailure) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type Filter struct { // The following are keys you can use: // // * description: Prefix match, not case-sensitive. // // * name: Prefix match, case-sensitive. // // * tag-key: Prefix match, case-sensitive. // // * tag-value: Prefix match, case-sensitive. // // * primary-region: Prefix match, case-sensitive. // // * owning-service: Prefix match, case-sensitive. // // * all: Breaks the filter value string into words and then searches all // attributes for matches. Not case-sensitive. Key *string `type:"string" enum:"FilterNameStringType"` // The keyword to filter for. // // You can prefix your search value with an exclamation mark (!) in order to // perform negation filters. Values []*string `min:"1" type:"list"` // contains filtered or unexported fields }
Allows you to add filters when you use the search function in Secrets Manager. For more information, see Find secrets in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_search-secret.html).
func (s Filter) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *Filter) SetKey(v string) *Filter
SetKey sets the Key field's value.
func (s *Filter) SetValues(v []*string) *Filter
SetValues sets the Values field's value.
func (s Filter) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *Filter) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type GetRandomPasswordInput struct { // A string of the characters that you don't want in the password. ExcludeCharacters *string `type:"string"` // Specifies whether to exclude lowercase letters from the password. If you // don't include this switch, the password can contain lowercase letters. ExcludeLowercase *bool `type:"boolean"` // Specifies whether to exclude numbers from the password. If you don't include // this switch, the password can contain numbers. ExcludeNumbers *bool `type:"boolean"` // Specifies whether to exclude the following punctuation characters from the // password: ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~. // If you don't include this switch, the password can contain punctuation. ExcludePunctuation *bool `type:"boolean"` // Specifies whether to exclude uppercase letters from the password. If you // don't include this switch, the password can contain uppercase letters. ExcludeUppercase *bool `type:"boolean"` // Specifies whether to include the space character. If you include this switch, // the password can contain space characters. IncludeSpace *bool `type:"boolean"` // The length of the password. If you don't include this parameter, the default // length is 32 characters. PasswordLength *int64 `min:"1" type:"long"` // Specifies whether to include at least one upper and lowercase letter, one // number, and one punctuation. If you don't include this switch, the password // contains at least one of every character type. RequireEachIncludedType *bool `type:"boolean"` // contains filtered or unexported fields }
func (s GetRandomPasswordInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *GetRandomPasswordInput) SetExcludeCharacters(v string) *GetRandomPasswordInput
SetExcludeCharacters sets the ExcludeCharacters field's value.
func (s *GetRandomPasswordInput) SetExcludeLowercase(v bool) *GetRandomPasswordInput
SetExcludeLowercase sets the ExcludeLowercase field's value.
func (s *GetRandomPasswordInput) SetExcludeNumbers(v bool) *GetRandomPasswordInput
SetExcludeNumbers sets the ExcludeNumbers field's value.
func (s *GetRandomPasswordInput) SetExcludePunctuation(v bool) *GetRandomPasswordInput
SetExcludePunctuation sets the ExcludePunctuation field's value.
func (s *GetRandomPasswordInput) SetExcludeUppercase(v bool) *GetRandomPasswordInput
SetExcludeUppercase sets the ExcludeUppercase field's value.
func (s *GetRandomPasswordInput) SetIncludeSpace(v bool) *GetRandomPasswordInput
SetIncludeSpace sets the IncludeSpace field's value.
func (s *GetRandomPasswordInput) SetPasswordLength(v int64) *GetRandomPasswordInput
SetPasswordLength sets the PasswordLength field's value.
func (s *GetRandomPasswordInput) SetRequireEachIncludedType(v bool) *GetRandomPasswordInput
SetRequireEachIncludedType sets the RequireEachIncludedType field's value.
func (s GetRandomPasswordInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *GetRandomPasswordInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type GetRandomPasswordOutput struct { // A string with the password. // // RandomPassword is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by GetRandomPasswordOutput's // String and GoString methods. RandomPassword *string `type:"string" sensitive:"true"` // contains filtered or unexported fields }
func (s GetRandomPasswordOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *GetRandomPasswordOutput) SetRandomPassword(v string) *GetRandomPasswordOutput
SetRandomPassword sets the RandomPassword field's value.
func (s GetRandomPasswordOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type GetResourcePolicyInput struct { // The ARN or name of the secret to retrieve the attached resource-based policy // for. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // contains filtered or unexported fields }
func (s GetResourcePolicyInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *GetResourcePolicyInput) SetSecretId(v string) *GetResourcePolicyInput
SetSecretId sets the SecretId field's value.
func (s GetResourcePolicyInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *GetResourcePolicyInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type GetResourcePolicyOutput struct { // The ARN of the secret that the resource-based policy was retrieved for. ARN *string `min:"20" type:"string"` // The name of the secret that the resource-based policy was retrieved for. Name *string `min:"1" type:"string"` // A JSON-formatted string that contains the permissions policy attached to // the secret. For more information about permissions policies, see Authentication // and access control for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html). ResourcePolicy *string `min:"1" type:"string"` // contains filtered or unexported fields }
func (s GetResourcePolicyOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *GetResourcePolicyOutput) SetARN(v string) *GetResourcePolicyOutput
SetARN sets the ARN field's value.
func (s *GetResourcePolicyOutput) SetName(v string) *GetResourcePolicyOutput
SetName sets the Name field's value.
func (s *GetResourcePolicyOutput) SetResourcePolicy(v string) *GetResourcePolicyOutput
SetResourcePolicy sets the ResourcePolicy field's value.
func (s GetResourcePolicyOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type GetSecretValueInput struct { // The ARN or name of the secret to retrieve. To retrieve a secret from another // account, you must use an ARN. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // The unique identifier of the version of the secret to retrieve. If you include // both this parameter and VersionStage, the two parameters must refer to the // same secret version. If you don't specify either a VersionStage or VersionId, // then Secrets Manager returns the AWSCURRENT version. // // This value is typically a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) // value with 32 hexadecimal digits. VersionId *string `min:"32" type:"string"` // The staging label of the version of the secret to retrieve. // // Secrets Manager uses staging labels to keep track of different versions during // the rotation process. If you include both this parameter and VersionId, the // two parameters must refer to the same secret version. If you don't specify // either a VersionStage or VersionId, Secrets Manager returns the AWSCURRENT // version. VersionStage *string `min:"1" type:"string"` // contains filtered or unexported fields }
func (s GetSecretValueInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *GetSecretValueInput) SetSecretId(v string) *GetSecretValueInput
SetSecretId sets the SecretId field's value.
func (s *GetSecretValueInput) SetVersionId(v string) *GetSecretValueInput
SetVersionId sets the VersionId field's value.
func (s *GetSecretValueInput) SetVersionStage(v string) *GetSecretValueInput
SetVersionStage sets the VersionStage field's value.
func (s GetSecretValueInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *GetSecretValueInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type GetSecretValueOutput struct { // The ARN of the secret. ARN *string `min:"20" type:"string"` // The date and time that this version of the secret was created. If you don't // specify which version in VersionId or VersionStage, then Secrets Manager // uses the AWSCURRENT version. CreatedDate *time.Time `type:"timestamp"` // The friendly name of the secret. Name *string `min:"1" type:"string"` // The decrypted secret value, if the secret value was originally provided as // binary data in the form of a byte array. When you retrieve a SecretBinary // using the HTTP API, the Python SDK, or the Amazon Web Services CLI, the value // is Base64-encoded. Otherwise, it is not encoded. // // If the secret was created by using the Secrets Manager console, or if the // secret value was originally provided as a string, then this field is omitted. // The secret value appears in SecretString instead. // // Sensitive: This field contains sensitive information, so the service does // not include it in CloudTrail log entries. If you create your own log entries, // you must also avoid logging the information in this field. // // SecretBinary is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by GetSecretValueOutput's // String and GoString methods. // // SecretBinary is automatically base64 encoded/decoded by the SDK. SecretBinary []byte `min:"1" type:"blob" sensitive:"true"` // The decrypted secret value, if the secret value was originally provided as // a string or through the Secrets Manager console. // // If this secret was created by using the console, then Secrets Manager stores // the information as a JSON structure of key/value pairs. // // Sensitive: This field contains sensitive information, so the service does // not include it in CloudTrail log entries. If you create your own log entries, // you must also avoid logging the information in this field. // // SecretString is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by GetSecretValueOutput's // String and GoString methods. SecretString *string `min:"1" type:"string" sensitive:"true"` // The unique identifier of this version of the secret. VersionId *string `min:"32" type:"string"` // A list of all of the staging labels currently attached to this version of // the secret. VersionStages []*string `min:"1" type:"list"` // contains filtered or unexported fields }
func (s GetSecretValueOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *GetSecretValueOutput) SetARN(v string) *GetSecretValueOutput
SetARN sets the ARN field's value.
func (s *GetSecretValueOutput) SetCreatedDate(v time.Time) *GetSecretValueOutput
SetCreatedDate sets the CreatedDate field's value.
func (s *GetSecretValueOutput) SetName(v string) *GetSecretValueOutput
SetName sets the Name field's value.
func (s *GetSecretValueOutput) SetSecretBinary(v []byte) *GetSecretValueOutput
SetSecretBinary sets the SecretBinary field's value.
func (s *GetSecretValueOutput) SetSecretString(v string) *GetSecretValueOutput
SetSecretString sets the SecretString field's value.
func (s *GetSecretValueOutput) SetVersionId(v string) *GetSecretValueOutput
SetVersionId sets the VersionId field's value.
func (s *GetSecretValueOutput) SetVersionStages(v []*string) *GetSecretValueOutput
SetVersionStages sets the VersionStages field's value.
func (s GetSecretValueOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type InternalServiceError struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"Message" type:"string"` // contains filtered or unexported fields }
An error occurred on the server side.
func (s *InternalServiceError) Code() string
Code returns the exception type name.
func (s *InternalServiceError) Error() string
func (s InternalServiceError) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *InternalServiceError) Message() string
Message returns the exception's message.
func (s *InternalServiceError) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InternalServiceError) RequestID() string
RequestID returns the service's response RequestID for request.
func (s *InternalServiceError) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (s InternalServiceError) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type InvalidNextTokenException struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"Message" type:"string"` // contains filtered or unexported fields }
The NextToken value is invalid.
func (s *InvalidNextTokenException) Code() string
Code returns the exception type name.
func (s *InvalidNextTokenException) Error() string
func (s InvalidNextTokenException) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *InvalidNextTokenException) Message() string
Message returns the exception's message.
func (s *InvalidNextTokenException) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidNextTokenException) RequestID() string
RequestID returns the service's response RequestID for request.
func (s *InvalidNextTokenException) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (s InvalidNextTokenException) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type InvalidParameterException struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"Message" type:"string"` // contains filtered or unexported fields }
The parameter name or value is invalid.
func (s *InvalidParameterException) Code() string
Code returns the exception type name.
func (s *InvalidParameterException) Error() string
func (s InvalidParameterException) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *InvalidParameterException) Message() string
Message returns the exception's message.
func (s *InvalidParameterException) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidParameterException) RequestID() string
RequestID returns the service's response RequestID for request.
func (s *InvalidParameterException) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (s InvalidParameterException) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type InvalidRequestException struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"Message" type:"string"` // contains filtered or unexported fields }
A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
func (s *InvalidRequestException) Code() string
Code returns the exception type name.
func (s *InvalidRequestException) Error() string
func (s InvalidRequestException) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *InvalidRequestException) Message() string
Message returns the exception's message.
func (s *InvalidRequestException) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidRequestException) RequestID() string
RequestID returns the service's response RequestID for request.
func (s *InvalidRequestException) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (s InvalidRequestException) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type LimitExceededException struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"Message" type:"string"` // contains filtered or unexported fields }
The request failed because it would exceed one of the Secrets Manager quotas.
func (s *LimitExceededException) Code() string
Code returns the exception type name.
func (s *LimitExceededException) Error() string
func (s LimitExceededException) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *LimitExceededException) Message() string
Message returns the exception's message.
func (s *LimitExceededException) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (s *LimitExceededException) RequestID() string
RequestID returns the service's response RequestID for request.
func (s *LimitExceededException) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (s LimitExceededException) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type ListSecretVersionIdsInput struct { // Specifies whether to include versions of secrets that don't have any staging // labels attached to them. Versions without staging labels are considered deprecated // and are subject to deletion by Secrets Manager. By default, versions without // staging labels aren't included. IncludeDeprecated *bool `type:"boolean"` // The number of results to include in the response. // // If there are more results available, in the response, Secrets Manager includes // NextToken. To get the next results, call ListSecretVersionIds again with // the value from NextToken. MaxResults *int64 `min:"1" type:"integer"` // A token that indicates where the output should continue from, if a previous // call did not show all results. To get the next results, call ListSecretVersionIds // again with this value. NextToken *string `min:"1" type:"string"` // The ARN or name of the secret whose versions you want to list. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // contains filtered or unexported fields }
func (s ListSecretVersionIdsInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ListSecretVersionIdsInput) SetIncludeDeprecated(v bool) *ListSecretVersionIdsInput
SetIncludeDeprecated sets the IncludeDeprecated field's value.
func (s *ListSecretVersionIdsInput) SetMaxResults(v int64) *ListSecretVersionIdsInput
SetMaxResults sets the MaxResults field's value.
func (s *ListSecretVersionIdsInput) SetNextToken(v string) *ListSecretVersionIdsInput
SetNextToken sets the NextToken field's value.
func (s *ListSecretVersionIdsInput) SetSecretId(v string) *ListSecretVersionIdsInput
SetSecretId sets the SecretId field's value.
func (s ListSecretVersionIdsInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ListSecretVersionIdsInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type ListSecretVersionIdsOutput struct { // The ARN of the secret. ARN *string `min:"20" type:"string"` // The name of the secret. Name *string `min:"1" type:"string"` // Secrets Manager includes this value if there's more output available than // what is included in the current response. This can occur even when the response // includes no values at all, such as when you ask for a filtered view of a // long list. To get the next results, call ListSecretVersionIds again with // this value. NextToken *string `min:"1" type:"string"` // A list of the versions of the secret. Versions []*SecretVersionsListEntry `type:"list"` // contains filtered or unexported fields }
func (s ListSecretVersionIdsOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ListSecretVersionIdsOutput) SetARN(v string) *ListSecretVersionIdsOutput
SetARN sets the ARN field's value.
func (s *ListSecretVersionIdsOutput) SetName(v string) *ListSecretVersionIdsOutput
SetName sets the Name field's value.
func (s *ListSecretVersionIdsOutput) SetNextToken(v string) *ListSecretVersionIdsOutput
SetNextToken sets the NextToken field's value.
func (s *ListSecretVersionIdsOutput) SetVersions(v []*SecretVersionsListEntry) *ListSecretVersionIdsOutput
SetVersions sets the Versions field's value.
func (s ListSecretVersionIdsOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type ListSecretsInput struct { // The filters to apply to the list of secrets. Filters []*Filter `type:"list"` // Specifies whether to include secrets scheduled for deletion. By default, // secrets scheduled for deletion aren't included. IncludePlannedDeletion *bool `type:"boolean"` // The number of results to include in the response. // // If there are more results available, in the response, Secrets Manager includes // NextToken. To get the next results, call ListSecrets again with the value // from NextToken. MaxResults *int64 `min:"1" type:"integer"` // A token that indicates where the output should continue from, if a previous // call did not show all results. To get the next results, call ListSecrets // again with this value. NextToken *string `min:"1" type:"string"` // Secrets are listed by CreatedDate. SortOrder *string `type:"string" enum:"SortOrderType"` // contains filtered or unexported fields }
func (s ListSecretsInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ListSecretsInput) SetFilters(v []*Filter) *ListSecretsInput
SetFilters sets the Filters field's value.
func (s *ListSecretsInput) SetIncludePlannedDeletion(v bool) *ListSecretsInput
SetIncludePlannedDeletion sets the IncludePlannedDeletion field's value.
func (s *ListSecretsInput) SetMaxResults(v int64) *ListSecretsInput
SetMaxResults sets the MaxResults field's value.
func (s *ListSecretsInput) SetNextToken(v string) *ListSecretsInput
SetNextToken sets the NextToken field's value.
func (s *ListSecretsInput) SetSortOrder(v string) *ListSecretsInput
SetSortOrder sets the SortOrder field's value.
func (s ListSecretsInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ListSecretsInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type ListSecretsOutput struct { // Secrets Manager includes this value if there's more output available than // what is included in the current response. This can occur even when the response // includes no values at all, such as when you ask for a filtered view of a // long list. To get the next results, call ListSecrets again with this value. NextToken *string `min:"1" type:"string"` // A list of the secrets in the account. SecretList []*SecretListEntry `type:"list"` // contains filtered or unexported fields }
func (s ListSecretsOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ListSecretsOutput) SetNextToken(v string) *ListSecretsOutput
SetNextToken sets the NextToken field's value.
func (s *ListSecretsOutput) SetSecretList(v []*SecretListEntry) *ListSecretsOutput
SetSecretList sets the SecretList field's value.
func (s ListSecretsOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type MalformedPolicyDocumentException struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"Message" type:"string"` // contains filtered or unexported fields }
The resource policy has syntax errors.
func (s *MalformedPolicyDocumentException) Code() string
Code returns the exception type name.
func (s *MalformedPolicyDocumentException) Error() string
func (s MalformedPolicyDocumentException) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *MalformedPolicyDocumentException) Message() string
Message returns the exception's message.
func (s *MalformedPolicyDocumentException) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (s *MalformedPolicyDocumentException) RequestID() string
RequestID returns the service's response RequestID for request.
func (s *MalformedPolicyDocumentException) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (s MalformedPolicyDocumentException) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type PreconditionNotMetException struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"Message" type:"string"` // contains filtered or unexported fields }
The request failed because you did not complete all the prerequisite steps.
func (s *PreconditionNotMetException) Code() string
Code returns the exception type name.
func (s *PreconditionNotMetException) Error() string
func (s PreconditionNotMetException) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *PreconditionNotMetException) Message() string
Message returns the exception's message.
func (s *PreconditionNotMetException) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (s *PreconditionNotMetException) RequestID() string
RequestID returns the service's response RequestID for request.
func (s *PreconditionNotMetException) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (s PreconditionNotMetException) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type PublicPolicyException struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"Message" type:"string"` // contains filtered or unexported fields }
The BlockPublicPolicy parameter is set to true, and the resource policy did not prevent broad access to the secret.
func (s *PublicPolicyException) Code() string
Code returns the exception type name.
func (s *PublicPolicyException) Error() string
func (s PublicPolicyException) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *PublicPolicyException) Message() string
Message returns the exception's message.
func (s *PublicPolicyException) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (s *PublicPolicyException) RequestID() string
RequestID returns the service's response RequestID for request.
func (s *PublicPolicyException) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (s PublicPolicyException) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type PutResourcePolicyInput struct { // Specifies whether to block resource-based policies that allow broad access // to the secret, for example those that use a wildcard for the principal. By // default, public policies aren't blocked. // // Resource policy validation and the BlockPublicPolicy parameter help protect // your resources by preventing public access from being granted through the // resource policies that are directly attached to your secrets. In addition // to using these features, carefully inspect the following policies to confirm // that they do not grant public access: // // * Identity-based policies attached to associated Amazon Web Services principals // (for example, IAM roles) // // * Resource-based policies attached to associated Amazon Web Services resources // (for example, Key Management Service (KMS) keys) // // To review permissions to your secrets, see Determine who has permissions // to your secrets (https://docs.aws.amazon.com/secretsmanager/latest/userguide/determine-acccess_examine-iam-policies.html). BlockPublicPolicy *bool `type:"boolean"` // A JSON-formatted string for an Amazon Web Services resource-based policy. // For example policies, see Permissions policy examples (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html). // // ResourcePolicy is a required field ResourcePolicy *string `min:"1" type:"string" required:"true"` // The ARN or name of the secret to attach the resource-based policy. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // contains filtered or unexported fields }
func (s PutResourcePolicyInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *PutResourcePolicyInput) SetBlockPublicPolicy(v bool) *PutResourcePolicyInput
SetBlockPublicPolicy sets the BlockPublicPolicy field's value.
func (s *PutResourcePolicyInput) SetResourcePolicy(v string) *PutResourcePolicyInput
SetResourcePolicy sets the ResourcePolicy field's value.
func (s *PutResourcePolicyInput) SetSecretId(v string) *PutResourcePolicyInput
SetSecretId sets the SecretId field's value.
func (s PutResourcePolicyInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *PutResourcePolicyInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type PutResourcePolicyOutput struct { // The ARN of the secret. ARN *string `min:"20" type:"string"` // The name of the secret. Name *string `min:"1" type:"string"` // contains filtered or unexported fields }
func (s PutResourcePolicyOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *PutResourcePolicyOutput) SetARN(v string) *PutResourcePolicyOutput
SetARN sets the ARN field's value.
func (s *PutResourcePolicyOutput) SetName(v string) *PutResourcePolicyOutput
SetName sets the Name field's value.
func (s PutResourcePolicyOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type PutSecretValueInput struct { // A unique identifier for the new version of the secret. // // If you use the Amazon Web Services CLI or one of the Amazon Web Services // SDKs to call this operation, then you can leave this parameter empty. The // CLI or SDK generates a random UUID for you and includes it as the value for // this parameter in the request. // // If you generate a raw HTTP request to the Secrets Manager service endpoint, // then you must generate a ClientRequestToken and include it in the request. // // This value helps ensure idempotency. Secrets Manager uses this value to prevent // the accidental creation of duplicate versions if there are failures and retries // during a rotation. We recommend that you generate a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) // value to ensure uniqueness of your versions within the specified secret. // // * If the ClientRequestToken value isn't already associated with a version // of the secret then a new version of the secret is created. // // * If a version with this value already exists and that version's SecretString // or SecretBinary values are the same as those in the request then the request // is ignored. The operation is idempotent. // // * If a version with this value already exists and the version of the SecretString // and SecretBinary values are different from those in the request, then // the request fails because you can't modify a secret version. You can only // create new versions to store new secret values. // // This value becomes the VersionId of the new version. ClientRequestToken *string `min:"32" type:"string" idempotencyToken:"true"` // A unique identifier that indicates the source of the request. For cross-account // rotation (when you rotate a secret in one account by using a Lambda rotation // function in another account) and the Lambda rotation function assumes an // IAM role to call Secrets Manager, Secrets Manager validates the identity // with the rotation token. For more information, see How rotation works (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html). // // Sensitive: This field contains sensitive information, so the service does // not include it in CloudTrail log entries. If you create your own log entries, // you must also avoid logging the information in this field. // // RotationToken is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by PutSecretValueInput's // String and GoString methods. RotationToken *string `min:"36" type:"string" sensitive:"true"` // The binary data to encrypt and store in the new version of the secret. To // use this parameter in the command-line tools, we recommend that you store // your binary data in a file and then pass the contents of the file as a parameter. // // You must include SecretBinary or SecretString, but not both. // // You can't access this value from the Secrets Manager console. // // Sensitive: This field contains sensitive information, so the service does // not include it in CloudTrail log entries. If you create your own log entries, // you must also avoid logging the information in this field. // // SecretBinary is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by PutSecretValueInput's // String and GoString methods. // // SecretBinary is automatically base64 encoded/decoded by the SDK. SecretBinary []byte `min:"1" type:"blob" sensitive:"true"` // The ARN or name of the secret to add a new version to. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // If the secret doesn't already exist, use CreateSecret instead. // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // The text to encrypt and store in the new version of the secret. // // You must include SecretBinary or SecretString, but not both. // // We recommend you create the secret string as JSON key/value pairs, as shown // in the example. // // Sensitive: This field contains sensitive information, so the service does // not include it in CloudTrail log entries. If you create your own log entries, // you must also avoid logging the information in this field. // // SecretString is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by PutSecretValueInput's // String and GoString methods. SecretString *string `min:"1" type:"string" sensitive:"true"` // A list of staging labels to attach to this version of the secret. Secrets // Manager uses staging labels to track versions of a secret through the rotation // process. // // If you specify a staging label that's already associated with a different // version of the same secret, then Secrets Manager removes the label from the // other version and attaches it to this version. If you specify AWSCURRENT, // and it is already attached to another version, then Secrets Manager also // moves the staging label AWSPREVIOUS to the version that AWSCURRENT was removed // from. // // If you don't include VersionStages, then Secrets Manager automatically moves // the staging label AWSCURRENT to this version. VersionStages []*string `min:"1" type:"list"` // contains filtered or unexported fields }
func (s PutSecretValueInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *PutSecretValueInput) SetClientRequestToken(v string) *PutSecretValueInput
SetClientRequestToken sets the ClientRequestToken field's value.
func (s *PutSecretValueInput) SetRotationToken(v string) *PutSecretValueInput
SetRotationToken sets the RotationToken field's value.
func (s *PutSecretValueInput) SetSecretBinary(v []byte) *PutSecretValueInput
SetSecretBinary sets the SecretBinary field's value.
func (s *PutSecretValueInput) SetSecretId(v string) *PutSecretValueInput
SetSecretId sets the SecretId field's value.
func (s *PutSecretValueInput) SetSecretString(v string) *PutSecretValueInput
SetSecretString sets the SecretString field's value.
func (s *PutSecretValueInput) SetVersionStages(v []*string) *PutSecretValueInput
SetVersionStages sets the VersionStages field's value.
func (s PutSecretValueInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *PutSecretValueInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type PutSecretValueOutput struct { // The ARN of the secret. ARN *string `min:"20" type:"string"` // The name of the secret. Name *string `min:"1" type:"string"` // The unique identifier of the version of the secret. VersionId *string `min:"32" type:"string"` // The list of staging labels that are currently attached to this version of // the secret. Secrets Manager uses staging labels to track a version as it // progresses through the secret rotation process. VersionStages []*string `min:"1" type:"list"` // contains filtered or unexported fields }
func (s PutSecretValueOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *PutSecretValueOutput) SetARN(v string) *PutSecretValueOutput
SetARN sets the ARN field's value.
func (s *PutSecretValueOutput) SetName(v string) *PutSecretValueOutput
SetName sets the Name field's value.
func (s *PutSecretValueOutput) SetVersionId(v string) *PutSecretValueOutput
SetVersionId sets the VersionId field's value.
func (s *PutSecretValueOutput) SetVersionStages(v []*string) *PutSecretValueOutput
SetVersionStages sets the VersionStages field's value.
func (s PutSecretValueOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type RemoveRegionsFromReplicationInput struct { // The Regions of the replicas to remove. // // RemoveReplicaRegions is a required field RemoveReplicaRegions []*string `min:"1" type:"list" required:"true"` // The ARN or name of the secret. // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // contains filtered or unexported fields }
func (s RemoveRegionsFromReplicationInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *RemoveRegionsFromReplicationInput) SetRemoveReplicaRegions(v []*string) *RemoveRegionsFromReplicationInput
SetRemoveReplicaRegions sets the RemoveReplicaRegions field's value.
func (s *RemoveRegionsFromReplicationInput) SetSecretId(v string) *RemoveRegionsFromReplicationInput
SetSecretId sets the SecretId field's value.
func (s RemoveRegionsFromReplicationInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *RemoveRegionsFromReplicationInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type RemoveRegionsFromReplicationOutput struct { // The ARN of the primary secret. ARN *string `min:"20" type:"string"` // The status of replicas for this secret after you remove Regions. ReplicationStatus []*ReplicationStatusType `type:"list"` // contains filtered or unexported fields }
func (s RemoveRegionsFromReplicationOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *RemoveRegionsFromReplicationOutput) SetARN(v string) *RemoveRegionsFromReplicationOutput
SetARN sets the ARN field's value.
func (s *RemoveRegionsFromReplicationOutput) SetReplicationStatus(v []*ReplicationStatusType) *RemoveRegionsFromReplicationOutput
SetReplicationStatus sets the ReplicationStatus field's value.
func (s RemoveRegionsFromReplicationOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type ReplicaRegionType struct { // The ARN, key ID, or alias of the KMS key to encrypt the secret. If you don't // include this field, Secrets Manager uses aws/secretsmanager. KmsKeyId *string `type:"string"` // A Region code. For a list of Region codes, see Name and code of Regions (https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Region *string `min:"1" type:"string"` // contains filtered or unexported fields }
A custom type that specifies a Region and the KmsKeyId for a replica secret.
func (s ReplicaRegionType) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ReplicaRegionType) SetKmsKeyId(v string) *ReplicaRegionType
SetKmsKeyId sets the KmsKeyId field's value.
func (s *ReplicaRegionType) SetRegion(v string) *ReplicaRegionType
SetRegion sets the Region field's value.
func (s ReplicaRegionType) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ReplicaRegionType) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type ReplicateSecretToRegionsInput struct { // A list of Regions in which to replicate the secret. // // AddReplicaRegions is a required field AddReplicaRegions []*ReplicaRegionType `min:"1" type:"list" required:"true"` // Specifies whether to overwrite a secret with the same name in the destination // Region. By default, secrets aren't overwritten. ForceOverwriteReplicaSecret *bool `type:"boolean"` // The ARN or name of the secret to replicate. // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // contains filtered or unexported fields }
func (s ReplicateSecretToRegionsInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ReplicateSecretToRegionsInput) SetAddReplicaRegions(v []*ReplicaRegionType) *ReplicateSecretToRegionsInput
SetAddReplicaRegions sets the AddReplicaRegions field's value.
func (s *ReplicateSecretToRegionsInput) SetForceOverwriteReplicaSecret(v bool) *ReplicateSecretToRegionsInput
SetForceOverwriteReplicaSecret sets the ForceOverwriteReplicaSecret field's value.
func (s *ReplicateSecretToRegionsInput) SetSecretId(v string) *ReplicateSecretToRegionsInput
SetSecretId sets the SecretId field's value.
func (s ReplicateSecretToRegionsInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ReplicateSecretToRegionsInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type ReplicateSecretToRegionsOutput struct { // The ARN of the primary secret. ARN *string `min:"20" type:"string"` // The status of replication. ReplicationStatus []*ReplicationStatusType `type:"list"` // contains filtered or unexported fields }
func (s ReplicateSecretToRegionsOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ReplicateSecretToRegionsOutput) SetARN(v string) *ReplicateSecretToRegionsOutput
SetARN sets the ARN field's value.
func (s *ReplicateSecretToRegionsOutput) SetReplicationStatus(v []*ReplicationStatusType) *ReplicateSecretToRegionsOutput
SetReplicationStatus sets the ReplicationStatus field's value.
func (s ReplicateSecretToRegionsOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type ReplicationStatusType struct { // Can be an ARN, Key ID, or Alias. KmsKeyId *string `type:"string"` // The date that the secret was last accessed in the Region. This field is omitted // if the secret has never been retrieved in the Region. LastAccessedDate *time.Time `type:"timestamp"` // The Region where replication occurs. Region *string `min:"1" type:"string"` // The status can be InProgress, Failed, or InSync. Status *string `type:"string" enum:"StatusType"` // Status message such as "Secret with this name already exists in this region". StatusMessage *string `min:"1" type:"string"` // contains filtered or unexported fields }
A replication object consisting of a RegionReplicationStatus object and includes a Region, KMSKeyId, status, and status message.
func (s ReplicationStatusType) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ReplicationStatusType) SetKmsKeyId(v string) *ReplicationStatusType
SetKmsKeyId sets the KmsKeyId field's value.
func (s *ReplicationStatusType) SetLastAccessedDate(v time.Time) *ReplicationStatusType
SetLastAccessedDate sets the LastAccessedDate field's value.
func (s *ReplicationStatusType) SetRegion(v string) *ReplicationStatusType
SetRegion sets the Region field's value.
func (s *ReplicationStatusType) SetStatus(v string) *ReplicationStatusType
SetStatus sets the Status field's value.
func (s *ReplicationStatusType) SetStatusMessage(v string) *ReplicationStatusType
SetStatusMessage sets the StatusMessage field's value.
func (s ReplicationStatusType) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type ResourceExistsException struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"Message" type:"string"` // contains filtered or unexported fields }
A resource with the ID you requested already exists.
func (s *ResourceExistsException) Code() string
Code returns the exception type name.
func (s *ResourceExistsException) Error() string
func (s ResourceExistsException) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ResourceExistsException) Message() string
Message returns the exception's message.
func (s *ResourceExistsException) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ResourceExistsException) RequestID() string
RequestID returns the service's response RequestID for request.
func (s *ResourceExistsException) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (s ResourceExistsException) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type ResourceNotFoundException struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"Message" type:"string"` // contains filtered or unexported fields }
Secrets Manager can't find the resource that you asked for.
func (s *ResourceNotFoundException) Code() string
Code returns the exception type name.
func (s *ResourceNotFoundException) Error() string
func (s ResourceNotFoundException) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ResourceNotFoundException) Message() string
Message returns the exception's message.
func (s *ResourceNotFoundException) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ResourceNotFoundException) RequestID() string
RequestID returns the service's response RequestID for request.
func (s *ResourceNotFoundException) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (s ResourceNotFoundException) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type RestoreSecretInput struct { // The ARN or name of the secret to restore. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // contains filtered or unexported fields }
func (s RestoreSecretInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *RestoreSecretInput) SetSecretId(v string) *RestoreSecretInput
SetSecretId sets the SecretId field's value.
func (s RestoreSecretInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *RestoreSecretInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type RestoreSecretOutput struct { // The ARN of the secret that was restored. ARN *string `min:"20" type:"string"` // The name of the secret that was restored. Name *string `min:"1" type:"string"` // contains filtered or unexported fields }
func (s RestoreSecretOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *RestoreSecretOutput) SetARN(v string) *RestoreSecretOutput
SetARN sets the ARN field's value.
func (s *RestoreSecretOutput) SetName(v string) *RestoreSecretOutput
SetName sets the Name field's value.
func (s RestoreSecretOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type RotateSecretInput struct { // A unique identifier for the new version of the secret. You only need to specify // this value if you implement your own retry logic and you want to ensure that // Secrets Manager doesn't attempt to create a secret version twice. // // If you use the Amazon Web Services CLI or one of the Amazon Web Services // SDKs to call this operation, then you can leave this parameter empty. The // CLI or SDK generates a random UUID for you and includes it as the value for // this parameter in the request. // // If you generate a raw HTTP request to the Secrets Manager service endpoint, // then you must generate a ClientRequestToken and include it in the request. // // This value helps ensure idempotency. Secrets Manager uses this value to prevent // the accidental creation of duplicate versions if there are failures and retries // during a rotation. We recommend that you generate a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) // value to ensure uniqueness of your versions within the specified secret. ClientRequestToken *string `min:"32" type:"string" idempotencyToken:"true"` // Specifies whether to rotate the secret immediately or wait until the next // scheduled rotation window. The rotation schedule is defined in RotateSecretRequest$RotationRules. // // For secrets that use a Lambda rotation function to rotate, if you don't immediately // rotate the secret, Secrets Manager tests the rotation configuration by running // the testSecret step (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_lambda-functions.html#rotate-secrets_lambda-functions-code) // of the Lambda rotation function. The test creates an AWSPENDING version of // the secret and then removes it. // // By default, Secrets Manager rotates the secret immediately. RotateImmediately *bool `type:"boolean"` // For secrets that use a Lambda rotation function to rotate, the ARN of the // Lambda rotation function. // // For secrets that use managed rotation, omit this field. For more information, // see Managed rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_managed.html) // in the Secrets Manager User Guide. RotationLambdaARN *string `type:"string"` // A structure that defines the rotation configuration for this secret. RotationRules *RotationRulesType `type:"structure"` // The ARN or name of the secret to rotate. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // contains filtered or unexported fields }
func (s RotateSecretInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *RotateSecretInput) SetClientRequestToken(v string) *RotateSecretInput
SetClientRequestToken sets the ClientRequestToken field's value.
func (s *RotateSecretInput) SetRotateImmediately(v bool) *RotateSecretInput
SetRotateImmediately sets the RotateImmediately field's value.
func (s *RotateSecretInput) SetRotationLambdaARN(v string) *RotateSecretInput
SetRotationLambdaARN sets the RotationLambdaARN field's value.
func (s *RotateSecretInput) SetRotationRules(v *RotationRulesType) *RotateSecretInput
SetRotationRules sets the RotationRules field's value.
func (s *RotateSecretInput) SetSecretId(v string) *RotateSecretInput
SetSecretId sets the SecretId field's value.
func (s RotateSecretInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *RotateSecretInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type RotateSecretOutput struct { // The ARN of the secret. ARN *string `min:"20" type:"string"` // The name of the secret. Name *string `min:"1" type:"string"` // The ID of the new version of the secret. VersionId *string `min:"32" type:"string"` // contains filtered or unexported fields }
func (s RotateSecretOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *RotateSecretOutput) SetARN(v string) *RotateSecretOutput
SetARN sets the ARN field's value.
func (s *RotateSecretOutput) SetName(v string) *RotateSecretOutput
SetName sets the Name field's value.
func (s *RotateSecretOutput) SetVersionId(v string) *RotateSecretOutput
SetVersionId sets the VersionId field's value.
func (s RotateSecretOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type RotationRulesType struct { // The number of days between rotations of the secret. You can use this value // to check that your secret meets your compliance guidelines for how often // secrets must be rotated. If you use this field to set the rotation schedule, // Secrets Manager calculates the next rotation date based on the previous rotation. // Manually updating the secret value by calling PutSecretValue or UpdateSecret // is considered a valid rotation. // // In DescribeSecret and ListSecrets, this value is calculated from the rotation // schedule after every successful rotation. In RotateSecret, you can set the // rotation schedule in RotationRules with AutomaticallyAfterDays or ScheduleExpression, // but not both. To set a rotation schedule in hours, use ScheduleExpression. AutomaticallyAfterDays *int64 `min:"1" type:"long"` // The length of the rotation window in hours, for example 3h for a three hour // window. Secrets Manager rotates your secret at any time during this window. // The window must not extend into the next rotation window or the next UTC // day. The window starts according to the ScheduleExpression. If you don't // specify a Duration, for a ScheduleExpression in hours, the window automatically // closes after one hour. For a ScheduleExpression in days, the window automatically // closes at the end of the UTC day. For more information, including examples, // see Schedule expressions in Secrets Manager rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) // in the Secrets Manager Users Guide. Duration *string `min:"2" type:"string"` // A cron() or rate() expression that defines the schedule for rotating your // secret. Secrets Manager rotation schedules use UTC time zone. Secrets Manager // rotates your secret any time during a rotation window. // // Secrets Manager rate() expressions represent the interval in hours or days // that you want to rotate your secret, for example rate(12 hours) or rate(10 // days). You can rotate a secret as often as every four hours. If you use a // rate() expression, the rotation window starts at midnight. For a rate in // hours, the default rotation window closes after one hour. For a rate in days, // the default rotation window closes at the end of the day. You can set the // Duration to change the rotation window. The rotation window must not extend // into the next UTC day or into the next rotation window. // // You can use a cron() expression to create a rotation schedule that is more // detailed than a rotation interval. For more information, including examples, // see Schedule expressions in Secrets Manager rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) // in the Secrets Manager Users Guide. For a cron expression that represents // a schedule in hours, the default rotation window closes after one hour. For // a cron expression that represents a schedule in days, the default rotation // window closes at the end of the day. You can set the Duration to change the // rotation window. The rotation window must not extend into the next UTC day // or into the next rotation window. ScheduleExpression *string `min:"1" type:"string"` // contains filtered or unexported fields }
A structure that defines the rotation configuration for the secret.
func (s RotationRulesType) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *RotationRulesType) SetAutomaticallyAfterDays(v int64) *RotationRulesType
SetAutomaticallyAfterDays sets the AutomaticallyAfterDays field's value.
func (s *RotationRulesType) SetDuration(v string) *RotationRulesType
SetDuration sets the Duration field's value.
func (s *RotationRulesType) SetScheduleExpression(v string) *RotationRulesType
SetScheduleExpression sets the ScheduleExpression field's value.
func (s RotationRulesType) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *RotationRulesType) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type SecretListEntry struct { // The Amazon Resource Name (ARN) of the secret. ARN *string `min:"20" type:"string"` // The date and time when a secret was created. CreatedDate *time.Time `type:"timestamp"` // The date and time the deletion of the secret occurred. Not present on active // secrets. The secret can be recovered until the number of days in the recovery // window has passed, as specified in the RecoveryWindowInDays parameter of // the DeleteSecret (https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DeleteSecret.html) // operation. DeletedDate *time.Time `type:"timestamp"` // The user-provided description of the secret. Description *string `type:"string"` // The ARN of the KMS key that Secrets Manager uses to encrypt the secret value. // If the secret is encrypted with the Amazon Web Services managed key aws/secretsmanager, // this field is omitted. KmsKeyId *string `type:"string"` // The date that the secret was last accessed in the Region. This field is omitted // if the secret has never been retrieved in the Region. LastAccessedDate *time.Time `type:"timestamp"` // The last date and time that this secret was modified in any way. LastChangedDate *time.Time `type:"timestamp"` // The most recent date and time that the Secrets Manager rotation process was // successfully completed. This value is null if the secret hasn't ever rotated. LastRotatedDate *time.Time `type:"timestamp"` // The friendly name of the secret. Name *string `min:"1" type:"string"` // The next rotation is scheduled to occur on or before this date. If the secret // isn't configured for rotation or rotation has been disabled, Secrets Manager // returns null. NextRotationDate *time.Time `type:"timestamp"` // Returns the name of the service that created the secret. OwningService *string `min:"1" type:"string"` // The Region where Secrets Manager originated the secret. PrimaryRegion *string `min:"1" type:"string"` // Indicates whether automatic, scheduled rotation is enabled for this secret. RotationEnabled *bool `type:"boolean"` // The ARN of an Amazon Web Services Lambda function invoked by Secrets Manager // to rotate and expire the secret either automatically per the schedule or // manually by a call to RotateSecret (https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_RotateSecret.html). RotationLambdaARN *string `type:"string"` // A structure that defines the rotation configuration for the secret. RotationRules *RotationRulesType `type:"structure"` // A list of all of the currently assigned SecretVersionStage staging labels // and the SecretVersionId attached to each one. Staging labels are used to // keep track of the different versions during the rotation process. // // A version that does not have any SecretVersionStage is considered deprecated // and subject to deletion. Such versions are not included in this list. SecretVersionsToStages map[string][]*string `type:"map"` // The list of user-defined tags associated with the secret. To add tags to // a secret, use TagResource (https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_TagResource.html). // To remove tags, use UntagResource (https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_UntagResource.html). Tags []*Tag `type:"list"` // contains filtered or unexported fields }
A structure that contains the details about a secret. It does not include the encrypted SecretString and SecretBinary values. To get those values, use GetSecretValue (https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html) .
func (s SecretListEntry) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *SecretListEntry) SetARN(v string) *SecretListEntry
SetARN sets the ARN field's value.
func (s *SecretListEntry) SetCreatedDate(v time.Time) *SecretListEntry
SetCreatedDate sets the CreatedDate field's value.
func (s *SecretListEntry) SetDeletedDate(v time.Time) *SecretListEntry
SetDeletedDate sets the DeletedDate field's value.
func (s *SecretListEntry) SetDescription(v string) *SecretListEntry
SetDescription sets the Description field's value.
func (s *SecretListEntry) SetKmsKeyId(v string) *SecretListEntry
SetKmsKeyId sets the KmsKeyId field's value.
func (s *SecretListEntry) SetLastAccessedDate(v time.Time) *SecretListEntry
SetLastAccessedDate sets the LastAccessedDate field's value.
func (s *SecretListEntry) SetLastChangedDate(v time.Time) *SecretListEntry
SetLastChangedDate sets the LastChangedDate field's value.
func (s *SecretListEntry) SetLastRotatedDate(v time.Time) *SecretListEntry
SetLastRotatedDate sets the LastRotatedDate field's value.
func (s *SecretListEntry) SetName(v string) *SecretListEntry
SetName sets the Name field's value.
func (s *SecretListEntry) SetNextRotationDate(v time.Time) *SecretListEntry
SetNextRotationDate sets the NextRotationDate field's value.
func (s *SecretListEntry) SetOwningService(v string) *SecretListEntry
SetOwningService sets the OwningService field's value.
func (s *SecretListEntry) SetPrimaryRegion(v string) *SecretListEntry
SetPrimaryRegion sets the PrimaryRegion field's value.
func (s *SecretListEntry) SetRotationEnabled(v bool) *SecretListEntry
SetRotationEnabled sets the RotationEnabled field's value.
func (s *SecretListEntry) SetRotationLambdaARN(v string) *SecretListEntry
SetRotationLambdaARN sets the RotationLambdaARN field's value.
func (s *SecretListEntry) SetRotationRules(v *RotationRulesType) *SecretListEntry
SetRotationRules sets the RotationRules field's value.
func (s *SecretListEntry) SetSecretVersionsToStages(v map[string][]*string) *SecretListEntry
SetSecretVersionsToStages sets the SecretVersionsToStages field's value.
func (s *SecretListEntry) SetTags(v []*Tag) *SecretListEntry
SetTags sets the Tags field's value.
func (s SecretListEntry) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type SecretValueEntry struct { // The Amazon Resource Name (ARN) of the secret. ARN *string `min:"20" type:"string"` // The date the secret was created. CreatedDate *time.Time `type:"timestamp"` // The friendly name of the secret. Name *string `min:"1" type:"string"` // The decrypted secret value, if the secret value was originally provided as // binary data in the form of a byte array. The parameter represents the binary // data as a base64-encoded (https://tools.ietf.org/html/rfc4648#section-4) // string. // // SecretBinary is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by SecretValueEntry's // String and GoString methods. // // SecretBinary is automatically base64 encoded/decoded by the SDK. SecretBinary []byte `min:"1" type:"blob" sensitive:"true"` // The decrypted secret value, if the secret value was originally provided as // a string or through the Secrets Manager console. // // SecretString is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by SecretValueEntry's // String and GoString methods. SecretString *string `min:"1" type:"string" sensitive:"true"` // The unique version identifier of this version of the secret. VersionId *string `min:"32" type:"string"` // A list of all of the staging labels currently attached to this version of // the secret. VersionStages []*string `min:"1" type:"list"` // contains filtered or unexported fields }
A structure that contains the secret value and other details for a secret.
func (s SecretValueEntry) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *SecretValueEntry) SetARN(v string) *SecretValueEntry
SetARN sets the ARN field's value.
func (s *SecretValueEntry) SetCreatedDate(v time.Time) *SecretValueEntry
SetCreatedDate sets the CreatedDate field's value.
func (s *SecretValueEntry) SetName(v string) *SecretValueEntry
SetName sets the Name field's value.
func (s *SecretValueEntry) SetSecretBinary(v []byte) *SecretValueEntry
SetSecretBinary sets the SecretBinary field's value.
func (s *SecretValueEntry) SetSecretString(v string) *SecretValueEntry
SetSecretString sets the SecretString field's value.
func (s *SecretValueEntry) SetVersionId(v string) *SecretValueEntry
SetVersionId sets the VersionId field's value.
func (s *SecretValueEntry) SetVersionStages(v []*string) *SecretValueEntry
SetVersionStages sets the VersionStages field's value.
func (s SecretValueEntry) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type SecretVersionsListEntry struct { // The date and time this version of the secret was created. CreatedDate *time.Time `type:"timestamp"` // The KMS keys used to encrypt the secret version. KmsKeyIds []*string `type:"list"` // The date that this version of the secret was last accessed. Note that the // resolution of this field is at the date level and does not include the time. LastAccessedDate *time.Time `type:"timestamp"` // The unique version identifier of this version of the secret. VersionId *string `min:"32" type:"string"` // An array of staging labels that are currently associated with this version // of the secret. VersionStages []*string `min:"1" type:"list"` // contains filtered or unexported fields }
A structure that contains information about one version of a secret.
func (s SecretVersionsListEntry) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *SecretVersionsListEntry) SetCreatedDate(v time.Time) *SecretVersionsListEntry
SetCreatedDate sets the CreatedDate field's value.
func (s *SecretVersionsListEntry) SetKmsKeyIds(v []*string) *SecretVersionsListEntry
SetKmsKeyIds sets the KmsKeyIds field's value.
func (s *SecretVersionsListEntry) SetLastAccessedDate(v time.Time) *SecretVersionsListEntry
SetLastAccessedDate sets the LastAccessedDate field's value.
func (s *SecretVersionsListEntry) SetVersionId(v string) *SecretVersionsListEntry
SetVersionId sets the VersionId field's value.
func (s *SecretVersionsListEntry) SetVersionStages(v []*string) *SecretVersionsListEntry
SetVersionStages sets the VersionStages field's value.
func (s SecretVersionsListEntry) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type SecretsManager struct { *client.Client }
SecretsManager provides the API operation methods for making requests to AWS Secrets Manager. See this package's package overview docs for details on the service.
SecretsManager methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.
func New(p client.ConfigProvider, cfgs ...*aws.Config) *SecretsManager
New creates a new instance of the SecretsManager client with a session. If additional configuration is needed for the client instance use the optional aws.Config parameter to add your extra config.
Example:
mySession := session.Must(session.NewSession()) // Create a SecretsManager client from just a session. svc := secretsmanager.New(mySession) // Create a SecretsManager client with additional configuration svc := secretsmanager.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
func (c *SecretsManager) BatchGetSecretValue(input *BatchGetSecretValueInput) (*BatchGetSecretValueOutput, error)
BatchGetSecretValue API operation for AWS Secrets Manager.
Retrieves the contents of the encrypted fields SecretString or SecretBinary for up to 20 secrets. To retrieve a single secret, call GetSecretValue.
To choose which secrets to retrieve, you can specify a list of secrets by name or ARN, or you can use filters. If Secrets Manager encounters errors such as AccessDeniedException while attempting to retrieve any of the secrets, you can see the errors in Errors in the response.
Secrets Manager generates CloudTrail GetSecretValue log entries for each secret you request when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:BatchGetSecretValue, and you must have secretsmanager:GetSecretValue for each secret. If you use filters, you must also have secretsmanager:ListSecrets. If the secrets are encrypted using customer-managed keys instead of the Amazon Web Services managed key aws/secretsmanager, then you also need kms:Decrypt permissions for the keys. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation BatchGetSecretValue for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidParameterException The parameter name or value is invalid.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
DecryptionFailure Secrets Manager can't decrypt the protected secret text using the provided KMS key.
InternalServiceError An error occurred on the server side.
InvalidNextTokenException The NextToken value is invalid.
func (c *SecretsManager) BatchGetSecretValuePages(input *BatchGetSecretValueInput, fn func(*BatchGetSecretValueOutput, bool) bool) error
BatchGetSecretValuePages iterates over the pages of a BatchGetSecretValue operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.
See BatchGetSecretValue method for more information on how to use this operation.
Note: This operation can generate multiple requests to a service.
// Example iterating over at most 3 pages of a BatchGetSecretValue operation. pageNum := 0 err := client.BatchGetSecretValuePages(params, func(page *secretsmanager.BatchGetSecretValueOutput, lastPage bool) bool { pageNum++ fmt.Println(page) return pageNum <= 3 })
func (c *SecretsManager) BatchGetSecretValuePagesWithContext(ctx aws.Context, input *BatchGetSecretValueInput, fn func(*BatchGetSecretValueOutput, bool) bool, opts ...request.Option) error
BatchGetSecretValuePagesWithContext same as BatchGetSecretValuePages except it takes a Context and allows setting request options on the pages.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) BatchGetSecretValueRequest(input *BatchGetSecretValueInput) (req *request.Request, output *BatchGetSecretValueOutput)
BatchGetSecretValueRequest generates a "aws/request.Request" representing the client's request for the BatchGetSecretValue operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See BatchGetSecretValue for more information on using the BatchGetSecretValue API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the BatchGetSecretValueRequest method. req, resp := client.BatchGetSecretValueRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) BatchGetSecretValueWithContext(ctx aws.Context, input *BatchGetSecretValueInput, opts ...request.Option) (*BatchGetSecretValueOutput, error)
BatchGetSecretValueWithContext is the same as BatchGetSecretValue with the addition of the ability to pass a context and additional request options.
See BatchGetSecretValue for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) CancelRotateSecret(input *CancelRotateSecretInput) (*CancelRotateSecretOutput, error)
CancelRotateSecret API operation for AWS Secrets Manager.
Turns off automatic rotation, and if a rotation is currently in progress, cancels the rotation.
If you cancel a rotation in progress, it can leave the VersionStage labels in an unexpected state. You might need to remove the staging label AWSPENDING from the partially created version. You also need to determine whether to roll back to the previous version of the secret by moving the staging label AWSCURRENT to the version that has AWSPENDING. To determine which version has a specific staging label, call ListSecretVersionIds. Then use UpdateSecretVersionStage to change staging labels. For more information, see How rotation works (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html).
To turn on automatic rotation again, call RotateSecret.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:CancelRotateSecret. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation CancelRotateSecret for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidParameterException The parameter name or value is invalid.
InternalServiceError An error occurred on the server side.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
func (c *SecretsManager) CancelRotateSecretRequest(input *CancelRotateSecretInput) (req *request.Request, output *CancelRotateSecretOutput)
CancelRotateSecretRequest generates a "aws/request.Request" representing the client's request for the CancelRotateSecret operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See CancelRotateSecret for more information on using the CancelRotateSecret API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the CancelRotateSecretRequest method. req, resp := client.CancelRotateSecretRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) CancelRotateSecretWithContext(ctx aws.Context, input *CancelRotateSecretInput, opts ...request.Option) (*CancelRotateSecretOutput, error)
CancelRotateSecretWithContext is the same as CancelRotateSecret with the addition of the ability to pass a context and additional request options.
See CancelRotateSecret for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) CreateSecret(input *CreateSecretInput) (*CreateSecretOutput, error)
CreateSecret API operation for AWS Secrets Manager.
Creates a new secret. A secret can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager. The secret also includes the connection information to access a database or other service, which Secrets Manager doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the important information needed to manage the secret.
For secrets that use managed rotation, you need to create the secret through the managing service. For more information, see Secrets Manager secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
For information about creating a secret in the console, see Create a secret (https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html).
To create a secret, you can provide the secret value to be encrypted in either the SecretString parameter or the SecretBinary parameter, but not both. If you include SecretString or SecretBinary then Secrets Manager creates an initial secret version and automatically attaches the staging label AWSCURRENT to it.
For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret, you must make sure the JSON you store in the SecretString matches the JSON structure of a database secret (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html).
If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key aws/secretsmanager. If this key doesn't already exist in your account, then Secrets Manager creates it for you automatically. All users and roles in the Amazon Web Services account automatically have access to use aws/secretsmanager. Creating aws/secretsmanager can result in a one-time significant delay in returning the result.
If the secret is in a different Amazon Web Services account from the credentials calling the API, then you can't use aws/secretsmanager to encrypt the secret, and you must create and use a customer managed KMS key.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary or SecretString because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:CreateSecret. If you include tags in the secret, you also need secretsmanager:TagResource. To add replica Regions, you must also have secretsmanager:ReplicateSecretToRegions. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
To encrypt the secret with a KMS key other than aws/secretsmanager, you need kms:GenerateDataKey and kms:Decrypt permission to the key.
When you enter commands in a command shell, there is a risk of the command history being accessed or utilities having access to your command parameters. This is a concern if the command includes the value of a secret. Learn how to Mitigate the risks of using command-line tools to store Secrets Manager secrets (https://docs.aws.amazon.com/secretsmanager/latest/userguide/security_cli-exposure-risks.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation CreateSecret for usage and error information.
Returned Error Types:
InvalidParameterException The parameter name or value is invalid.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
LimitExceededException The request failed because it would exceed one of the Secrets Manager quotas.
EncryptionFailure Secrets Manager can't encrypt the protected secret text using the provided KMS key. Check that the KMS key is available, enabled, and not in an invalid state. For more information, see Key state: Effect on your KMS key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html).
ResourceExistsException A resource with the ID you requested already exists.
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
MalformedPolicyDocumentException The resource policy has syntax errors.
InternalServiceError An error occurred on the server side.
PreconditionNotMetException The request failed because you did not complete all the prerequisite steps.
DecryptionFailure Secrets Manager can't decrypt the protected secret text using the provided KMS key.
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/CreateSecret
func (c *SecretsManager) CreateSecretRequest(input *CreateSecretInput) (req *request.Request, output *CreateSecretOutput)
CreateSecretRequest generates a "aws/request.Request" representing the client's request for the CreateSecret operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See CreateSecret for more information on using the CreateSecret API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the CreateSecretRequest method. req, resp := client.CreateSecretRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/CreateSecret
func (c *SecretsManager) CreateSecretWithContext(ctx aws.Context, input *CreateSecretInput, opts ...request.Option) (*CreateSecretOutput, error)
CreateSecretWithContext is the same as CreateSecret with the addition of the ability to pass a context and additional request options.
See CreateSecret for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) DeleteResourcePolicy(input *DeleteResourcePolicyInput) (*DeleteResourcePolicyOutput, error)
DeleteResourcePolicy API operation for AWS Secrets Manager.
Deletes the resource-based permission policy attached to the secret. To attach a policy to a secret, use PutResourcePolicy.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:DeleteResourcePolicy. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation DeleteResourcePolicy for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InternalServiceError An error occurred on the server side.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
InvalidParameterException The parameter name or value is invalid.
func (c *SecretsManager) DeleteResourcePolicyRequest(input *DeleteResourcePolicyInput) (req *request.Request, output *DeleteResourcePolicyOutput)
DeleteResourcePolicyRequest generates a "aws/request.Request" representing the client's request for the DeleteResourcePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See DeleteResourcePolicy for more information on using the DeleteResourcePolicy API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the DeleteResourcePolicyRequest method. req, resp := client.DeleteResourcePolicyRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) DeleteResourcePolicyWithContext(ctx aws.Context, input *DeleteResourcePolicyInput, opts ...request.Option) (*DeleteResourcePolicyOutput, error)
DeleteResourcePolicyWithContext is the same as DeleteResourcePolicy with the addition of the ability to pass a context and additional request options.
See DeleteResourcePolicy for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) DeleteSecret(input *DeleteSecretInput) (*DeleteSecretOutput, error)
DeleteSecret API operation for AWS Secrets Manager.
Deletes a secret and all of its versions. You can specify a recovery window during which you can restore the secret. The minimum recovery window is 7 days. The default recovery window is 30 days. Secrets Manager attaches a DeletionDate stamp to the secret that specifies the end of the recovery window. At the end of the recovery window, Secrets Manager deletes the secret permanently.
You can't delete a primary secret that is replicated to other Regions. You must first delete the replicas using RemoveRegionsFromReplication, and then delete the primary secret. When you delete a replica, it is deleted immediately.
You can't directly delete a version of a secret. Instead, you remove all staging labels from the version using UpdateSecretVersionStage. This marks the version as deprecated, and then Secrets Manager can automatically delete the version in the background.
To determine whether an application still uses a secret, you can create an Amazon CloudWatch alarm to alert you to any attempts to access a secret during the recovery window. For more information, see Monitor secrets scheduled for deletion (https://docs.aws.amazon.com/secretsmanager/latest/userguide/monitoring_cloudwatch_deleted-secrets.html).
Secrets Manager performs the permanent secret deletion at the end of the waiting period as a background task with low priority. There is no guarantee of a specific time after the recovery window for the permanent delete to occur.
At any time before recovery window ends, you can use RestoreSecret to remove the DeletionDate and cancel the deletion of the secret.
When a secret is scheduled for deletion, you cannot retrieve the secret value. You must first cancel the deletion with RestoreSecret and then you can retrieve the secret.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:DeleteSecret. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation DeleteSecret for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidParameterException The parameter name or value is invalid.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
InternalServiceError An error occurred on the server side.
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/DeleteSecret
func (c *SecretsManager) DeleteSecretRequest(input *DeleteSecretInput) (req *request.Request, output *DeleteSecretOutput)
DeleteSecretRequest generates a "aws/request.Request" representing the client's request for the DeleteSecret operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See DeleteSecret for more information on using the DeleteSecret API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the DeleteSecretRequest method. req, resp := client.DeleteSecretRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/DeleteSecret
func (c *SecretsManager) DeleteSecretWithContext(ctx aws.Context, input *DeleteSecretInput, opts ...request.Option) (*DeleteSecretOutput, error)
DeleteSecretWithContext is the same as DeleteSecret with the addition of the ability to pass a context and additional request options.
See DeleteSecret for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) DescribeSecret(input *DescribeSecretInput) (*DescribeSecretOutput, error)
DescribeSecret API operation for AWS Secrets Manager.
Retrieves the details of a secret. It does not include the encrypted secret value. Secrets Manager only returns fields that have a value in the response.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:DescribeSecret. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation DescribeSecret for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InternalServiceError An error occurred on the server side.
InvalidParameterException The parameter name or value is invalid.
func (c *SecretsManager) DescribeSecretRequest(input *DescribeSecretInput) (req *request.Request, output *DescribeSecretOutput)
DescribeSecretRequest generates a "aws/request.Request" representing the client's request for the DescribeSecret operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See DescribeSecret for more information on using the DescribeSecret API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the DescribeSecretRequest method. req, resp := client.DescribeSecretRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) DescribeSecretWithContext(ctx aws.Context, input *DescribeSecretInput, opts ...request.Option) (*DescribeSecretOutput, error)
DescribeSecretWithContext is the same as DescribeSecret with the addition of the ability to pass a context and additional request options.
See DescribeSecret for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) GetRandomPassword(input *GetRandomPasswordInput) (*GetRandomPasswordOutput, error)
GetRandomPassword API operation for AWS Secrets Manager.
Generates a random password. We recommend that you specify the maximum length and include every character type that the system you are generating a password for can support. By default, Secrets Manager uses uppercase and lowercase letters, numbers, and the following characters in passwords: !\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~
Secrets Manager generates a CloudTrail log entry when you call this action.
Required permissions: secretsmanager:GetRandomPassword. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation GetRandomPassword for usage and error information.
Returned Error Types:
InvalidParameterException The parameter name or value is invalid.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
InternalServiceError An error occurred on the server side.
func (c *SecretsManager) GetRandomPasswordRequest(input *GetRandomPasswordInput) (req *request.Request, output *GetRandomPasswordOutput)
GetRandomPasswordRequest generates a "aws/request.Request" representing the client's request for the GetRandomPassword operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See GetRandomPassword for more information on using the GetRandomPassword API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the GetRandomPasswordRequest method. req, resp := client.GetRandomPasswordRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) GetRandomPasswordWithContext(ctx aws.Context, input *GetRandomPasswordInput, opts ...request.Option) (*GetRandomPasswordOutput, error)
GetRandomPasswordWithContext is the same as GetRandomPassword with the addition of the ability to pass a context and additional request options.
See GetRandomPassword for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) GetResourcePolicy(input *GetResourcePolicyInput) (*GetResourcePolicyOutput, error)
GetResourcePolicy API operation for AWS Secrets Manager.
Retrieves the JSON text of the resource-based policy document attached to the secret. For more information about permissions policies attached to a secret, see Permissions policies attached to a secret (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-policies.html).
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:GetResourcePolicy. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation GetResourcePolicy for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InternalServiceError An error occurred on the server side.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
InvalidParameterException The parameter name or value is invalid.
func (c *SecretsManager) GetResourcePolicyRequest(input *GetResourcePolicyInput) (req *request.Request, output *GetResourcePolicyOutput)
GetResourcePolicyRequest generates a "aws/request.Request" representing the client's request for the GetResourcePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See GetResourcePolicy for more information on using the GetResourcePolicy API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the GetResourcePolicyRequest method. req, resp := client.GetResourcePolicyRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) GetResourcePolicyWithContext(ctx aws.Context, input *GetResourcePolicyInput, opts ...request.Option) (*GetResourcePolicyOutput, error)
GetResourcePolicyWithContext is the same as GetResourcePolicy with the addition of the ability to pass a context and additional request options.
See GetResourcePolicy for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) GetSecretValue(input *GetSecretValueInput) (*GetSecretValueOutput, error)
GetSecretValue API operation for AWS Secrets Manager.
Retrieves the contents of the encrypted fields SecretString or SecretBinary from the specified version of a secret, whichever contains content.
To retrieve the values for a group of secrets, call BatchGetSecretValue.
We recommend that you cache your secret values by using client-side caching. Caching secrets improves speed and reduces your costs. For more information, see Cache secrets for your applications (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html).
To retrieve the previous version of a secret, use VersionStage and specify AWSPREVIOUS. To revert to the previous version of a secret, call UpdateSecretVersionStage (https://docs.aws.amazon.com/cli/latest/reference/secretsmanager/update-secret-version-stage.html).
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:GetSecretValue. If the secret is encrypted using a customer-managed key instead of the Amazon Web Services managed key aws/secretsmanager, then you also need kms:Decrypt permissions for that key. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation GetSecretValue for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidParameterException The parameter name or value is invalid.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
DecryptionFailure Secrets Manager can't decrypt the protected secret text using the provided KMS key.
InternalServiceError An error occurred on the server side.
func (c *SecretsManager) GetSecretValueRequest(input *GetSecretValueInput) (req *request.Request, output *GetSecretValueOutput)
GetSecretValueRequest generates a "aws/request.Request" representing the client's request for the GetSecretValue operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See GetSecretValue for more information on using the GetSecretValue API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the GetSecretValueRequest method. req, resp := client.GetSecretValueRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) GetSecretValueWithContext(ctx aws.Context, input *GetSecretValueInput, opts ...request.Option) (*GetSecretValueOutput, error)
GetSecretValueWithContext is the same as GetSecretValue with the addition of the ability to pass a context and additional request options.
See GetSecretValue for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) ListSecretVersionIds(input *ListSecretVersionIdsInput) (*ListSecretVersionIdsOutput, error)
ListSecretVersionIds API operation for AWS Secrets Manager.
Lists the versions of a secret. Secrets Manager uses staging labels to indicate the different versions of a secret. For more information, see Secrets Manager concepts: Versions (https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version).
To list the secrets in the account, use ListSecrets.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:ListSecretVersionIds. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation ListSecretVersionIds for usage and error information.
Returned Error Types:
InvalidNextTokenException The NextToken value is invalid.
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InternalServiceError An error occurred on the server side.
InvalidParameterException The parameter name or value is invalid.
func (c *SecretsManager) ListSecretVersionIdsPages(input *ListSecretVersionIdsInput, fn func(*ListSecretVersionIdsOutput, bool) bool) error
ListSecretVersionIdsPages iterates over the pages of a ListSecretVersionIds operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.
See ListSecretVersionIds method for more information on how to use this operation.
Note: This operation can generate multiple requests to a service.
// Example iterating over at most 3 pages of a ListSecretVersionIds operation. pageNum := 0 err := client.ListSecretVersionIdsPages(params, func(page *secretsmanager.ListSecretVersionIdsOutput, lastPage bool) bool { pageNum++ fmt.Println(page) return pageNum <= 3 })
func (c *SecretsManager) ListSecretVersionIdsPagesWithContext(ctx aws.Context, input *ListSecretVersionIdsInput, fn func(*ListSecretVersionIdsOutput, bool) bool, opts ...request.Option) error
ListSecretVersionIdsPagesWithContext same as ListSecretVersionIdsPages except it takes a Context and allows setting request options on the pages.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) ListSecretVersionIdsRequest(input *ListSecretVersionIdsInput) (req *request.Request, output *ListSecretVersionIdsOutput)
ListSecretVersionIdsRequest generates a "aws/request.Request" representing the client's request for the ListSecretVersionIds operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See ListSecretVersionIds for more information on using the ListSecretVersionIds API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the ListSecretVersionIdsRequest method. req, resp := client.ListSecretVersionIdsRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) ListSecretVersionIdsWithContext(ctx aws.Context, input *ListSecretVersionIdsInput, opts ...request.Option) (*ListSecretVersionIdsOutput, error)
ListSecretVersionIdsWithContext is the same as ListSecretVersionIds with the addition of the ability to pass a context and additional request options.
See ListSecretVersionIds for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) ListSecrets(input *ListSecretsInput) (*ListSecretsOutput, error)
ListSecrets API operation for AWS Secrets Manager.
Lists the secrets that are stored by Secrets Manager in the Amazon Web Services account, not including secrets that are marked for deletion. To see secrets marked for deletion, use the Secrets Manager console.
All Secrets Manager operations are eventually consistent. ListSecrets might not reflect changes from the last five minutes. You can get more recent information for a specific secret by calling DescribeSecret.
To list the versions of a secret, use ListSecretVersionIds.
To retrieve the values for the secrets, call BatchGetSecretValue or GetSecretValue.
For information about finding secrets in the console, see Find secrets in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_search-secret.html).
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:ListSecrets. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation ListSecrets for usage and error information.
Returned Error Types:
InvalidParameterException The parameter name or value is invalid.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
InvalidNextTokenException The NextToken value is invalid.
InternalServiceError An error occurred on the server side.
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ListSecrets
func (c *SecretsManager) ListSecretsPages(input *ListSecretsInput, fn func(*ListSecretsOutput, bool) bool) error
ListSecretsPages iterates over the pages of a ListSecrets operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.
See ListSecrets method for more information on how to use this operation.
Note: This operation can generate multiple requests to a service.
// Example iterating over at most 3 pages of a ListSecrets operation. pageNum := 0 err := client.ListSecretsPages(params, func(page *secretsmanager.ListSecretsOutput, lastPage bool) bool { pageNum++ fmt.Println(page) return pageNum <= 3 })
func (c *SecretsManager) ListSecretsPagesWithContext(ctx aws.Context, input *ListSecretsInput, fn func(*ListSecretsOutput, bool) bool, opts ...request.Option) error
ListSecretsPagesWithContext same as ListSecretsPages except it takes a Context and allows setting request options on the pages.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) ListSecretsRequest(input *ListSecretsInput) (req *request.Request, output *ListSecretsOutput)
ListSecretsRequest generates a "aws/request.Request" representing the client's request for the ListSecrets operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See ListSecrets for more information on using the ListSecrets API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the ListSecretsRequest method. req, resp := client.ListSecretsRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/ListSecrets
func (c *SecretsManager) ListSecretsWithContext(ctx aws.Context, input *ListSecretsInput, opts ...request.Option) (*ListSecretsOutput, error)
ListSecretsWithContext is the same as ListSecrets with the addition of the ability to pass a context and additional request options.
See ListSecrets for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) PutResourcePolicy(input *PutResourcePolicyInput) (*PutResourcePolicyOutput, error)
PutResourcePolicy API operation for AWS Secrets Manager.
Attaches a resource-based permission policy to a secret. A resource-based policy is optional. For more information, see Authentication and access control for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html)
For information about attaching a policy in the console, see Attach a permissions policy to a secret (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html).
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:PutResourcePolicy. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation PutResourcePolicy for usage and error information.
Returned Error Types:
MalformedPolicyDocumentException The resource policy has syntax errors.
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidParameterException The parameter name or value is invalid.
InternalServiceError An error occurred on the server side.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
PublicPolicyException The BlockPublicPolicy parameter is set to true, and the resource policy did not prevent broad access to the secret.
func (c *SecretsManager) PutResourcePolicyRequest(input *PutResourcePolicyInput) (req *request.Request, output *PutResourcePolicyOutput)
PutResourcePolicyRequest generates a "aws/request.Request" representing the client's request for the PutResourcePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See PutResourcePolicy for more information on using the PutResourcePolicy API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the PutResourcePolicyRequest method. req, resp := client.PutResourcePolicyRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) PutResourcePolicyWithContext(ctx aws.Context, input *PutResourcePolicyInput, opts ...request.Option) (*PutResourcePolicyOutput, error)
PutResourcePolicyWithContext is the same as PutResourcePolicy with the addition of the ability to pass a context and additional request options.
See PutResourcePolicy for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) PutSecretValue(input *PutSecretValueInput) (*PutSecretValueOutput, error)
PutSecretValue API operation for AWS Secrets Manager.
Creates a new version with a new encrypted secret value and attaches it to the secret. The version can contain a new SecretString value or a new SecretBinary value.
We recommend you avoid calling PutSecretValue at a sustained rate of more than once every 10 minutes. When you update the secret value, Secrets Manager creates a new version of the secret. Secrets Manager removes outdated versions when there are more than 100, but it does not remove versions created less than 24 hours ago. If you call PutSecretValue more than once every 10 minutes, you create more versions than Secrets Manager removes, and you will reach the quota for secret versions.
You can specify the staging labels to attach to the new version in VersionStages. If you don't include VersionStages, then Secrets Manager automatically moves the staging label AWSCURRENT to this version. If this operation creates the first version for the secret, then Secrets Manager automatically attaches the staging label AWSCURRENT to it. If this operation moves the staging label AWSCURRENT from another version to this version, then Secrets Manager also automatically moves the staging label AWSPREVIOUS to the version that AWSCURRENT was removed from.
This operation is idempotent. If you call this operation with a ClientRequestToken that matches an existing version's VersionId, and you specify the same secret data, the operation succeeds but does nothing. However, if the secret data is different, then the operation fails because you can't modify an existing version; you can only create new ones.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary, SecretString, or RotationToken because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:PutSecretValue. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
When you enter commands in a command shell, there is a risk of the command history being accessed or utilities having access to your command parameters. This is a concern if the command includes the value of a secret. Learn how to Mitigate the risks of using command-line tools to store Secrets Manager secrets (https://docs.aws.amazon.com/secretsmanager/latest/userguide/security_cli-exposure-risks.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation PutSecretValue for usage and error information.
Returned Error Types:
InvalidParameterException The parameter name or value is invalid.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
LimitExceededException The request failed because it would exceed one of the Secrets Manager quotas.
EncryptionFailure Secrets Manager can't encrypt the protected secret text using the provided KMS key. Check that the KMS key is available, enabled, and not in an invalid state. For more information, see Key state: Effect on your KMS key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html).
ResourceExistsException A resource with the ID you requested already exists.
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InternalServiceError An error occurred on the server side.
DecryptionFailure Secrets Manager can't decrypt the protected secret text using the provided KMS key.
func (c *SecretsManager) PutSecretValueRequest(input *PutSecretValueInput) (req *request.Request, output *PutSecretValueOutput)
PutSecretValueRequest generates a "aws/request.Request" representing the client's request for the PutSecretValue operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See PutSecretValue for more information on using the PutSecretValue API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the PutSecretValueRequest method. req, resp := client.PutSecretValueRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) PutSecretValueWithContext(ctx aws.Context, input *PutSecretValueInput, opts ...request.Option) (*PutSecretValueOutput, error)
PutSecretValueWithContext is the same as PutSecretValue with the addition of the ability to pass a context and additional request options.
See PutSecretValue for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) RemoveRegionsFromReplication(input *RemoveRegionsFromReplicationInput) (*RemoveRegionsFromReplicationOutput, error)
RemoveRegionsFromReplication API operation for AWS Secrets Manager.
For a secret that is replicated to other Regions, deletes the secret replicas from the Regions you specify.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:RemoveRegionsFromReplication. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation RemoveRegionsFromReplication for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
InvalidParameterException The parameter name or value is invalid.
InternalServiceError An error occurred on the server side.
func (c *SecretsManager) RemoveRegionsFromReplicationRequest(input *RemoveRegionsFromReplicationInput) (req *request.Request, output *RemoveRegionsFromReplicationOutput)
RemoveRegionsFromReplicationRequest generates a "aws/request.Request" representing the client's request for the RemoveRegionsFromReplication operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See RemoveRegionsFromReplication for more information on using the RemoveRegionsFromReplication API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the RemoveRegionsFromReplicationRequest method. req, resp := client.RemoveRegionsFromReplicationRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) RemoveRegionsFromReplicationWithContext(ctx aws.Context, input *RemoveRegionsFromReplicationInput, opts ...request.Option) (*RemoveRegionsFromReplicationOutput, error)
RemoveRegionsFromReplicationWithContext is the same as RemoveRegionsFromReplication with the addition of the ability to pass a context and additional request options.
See RemoveRegionsFromReplication for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) ReplicateSecretToRegions(input *ReplicateSecretToRegionsInput) (*ReplicateSecretToRegionsOutput, error)
ReplicateSecretToRegions API operation for AWS Secrets Manager.
Replicates the secret to a new Regions. See Multi-Region secrets (https://docs.aws.amazon.com/secretsmanager/latest/userguide/create-manage-multi-region-secrets.html).
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:ReplicateSecretToRegions. If the primary secret is encrypted with a KMS key other than aws/secretsmanager, you also need kms:Decrypt permission to the key. To encrypt the replicated secret with a KMS key other than aws/secretsmanager, you need kms:GenerateDataKey and kms:Encrypt to the key. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation ReplicateSecretToRegions for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
InvalidParameterException The parameter name or value is invalid.
InternalServiceError An error occurred on the server side.
func (c *SecretsManager) ReplicateSecretToRegionsRequest(input *ReplicateSecretToRegionsInput) (req *request.Request, output *ReplicateSecretToRegionsOutput)
ReplicateSecretToRegionsRequest generates a "aws/request.Request" representing the client's request for the ReplicateSecretToRegions operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See ReplicateSecretToRegions for more information on using the ReplicateSecretToRegions API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the ReplicateSecretToRegionsRequest method. req, resp := client.ReplicateSecretToRegionsRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) ReplicateSecretToRegionsWithContext(ctx aws.Context, input *ReplicateSecretToRegionsInput, opts ...request.Option) (*ReplicateSecretToRegionsOutput, error)
ReplicateSecretToRegionsWithContext is the same as ReplicateSecretToRegions with the addition of the ability to pass a context and additional request options.
See ReplicateSecretToRegions for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) RestoreSecret(input *RestoreSecretInput) (*RestoreSecretOutput, error)
RestoreSecret API operation for AWS Secrets Manager.
Cancels the scheduled deletion of a secret by removing the DeletedDate time stamp. You can access a secret again after it has been restored.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:RestoreSecret. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation RestoreSecret for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidParameterException The parameter name or value is invalid.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
InternalServiceError An error occurred on the server side.
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/RestoreSecret
func (c *SecretsManager) RestoreSecretRequest(input *RestoreSecretInput) (req *request.Request, output *RestoreSecretOutput)
RestoreSecretRequest generates a "aws/request.Request" representing the client's request for the RestoreSecret operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See RestoreSecret for more information on using the RestoreSecret API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the RestoreSecretRequest method. req, resp := client.RestoreSecretRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/RestoreSecret
func (c *SecretsManager) RestoreSecretWithContext(ctx aws.Context, input *RestoreSecretInput, opts ...request.Option) (*RestoreSecretOutput, error)
RestoreSecretWithContext is the same as RestoreSecret with the addition of the ability to pass a context and additional request options.
See RestoreSecret for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) RotateSecret(input *RotateSecretInput) (*RotateSecretOutput, error)
RotateSecret API operation for AWS Secrets Manager.
Configures and starts the asynchronous process of rotating the secret. For information about rotation, see Rotate secrets (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html) in the Secrets Manager User Guide. If you include the configuration parameters, the operation sets the values for the secret and then immediately starts a rotation. If you don't include the configuration parameters, the operation starts a rotation with the values already stored in the secret.
When rotation is successful, the AWSPENDING staging label might be attached to the same version as the AWSCURRENT version, or it might not be attached to any version. If the AWSPENDING staging label is present but not attached to the same version as AWSCURRENT, then any later invocation of RotateSecret assumes that a previous rotation request is still in progress and returns an error. When rotation is unsuccessful, the AWSPENDING staging label might be attached to an empty secret version. For more information, see Troubleshoot rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html) in the Secrets Manager User Guide.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:RotateSecret. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html). You also need lambda:InvokeFunction permissions on the rotation function. For more information, see Permissions for rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation RotateSecret for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidParameterException The parameter name or value is invalid.
InternalServiceError An error occurred on the server side.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/RotateSecret
func (c *SecretsManager) RotateSecretRequest(input *RotateSecretInput) (req *request.Request, output *RotateSecretOutput)
RotateSecretRequest generates a "aws/request.Request" representing the client's request for the RotateSecret operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See RotateSecret for more information on using the RotateSecret API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the RotateSecretRequest method. req, resp := client.RotateSecretRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/RotateSecret
func (c *SecretsManager) RotateSecretWithContext(ctx aws.Context, input *RotateSecretInput, opts ...request.Option) (*RotateSecretOutput, error)
RotateSecretWithContext is the same as RotateSecret with the addition of the ability to pass a context and additional request options.
See RotateSecret for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) StopReplicationToReplica(input *StopReplicationToReplicaInput) (*StopReplicationToReplicaOutput, error)
StopReplicationToReplica API operation for AWS Secrets Manager.
Removes the link between the replica secret and the primary secret and promotes the replica to a primary secret in the replica Region.
You must call this operation from the Region in which you want to promote the replica to a primary secret.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:StopReplicationToReplica. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation StopReplicationToReplica for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
InvalidParameterException The parameter name or value is invalid.
InternalServiceError An error occurred on the server side.
func (c *SecretsManager) StopReplicationToReplicaRequest(input *StopReplicationToReplicaInput) (req *request.Request, output *StopReplicationToReplicaOutput)
StopReplicationToReplicaRequest generates a "aws/request.Request" representing the client's request for the StopReplicationToReplica operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See StopReplicationToReplica for more information on using the StopReplicationToReplica API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the StopReplicationToReplicaRequest method. req, resp := client.StopReplicationToReplicaRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) StopReplicationToReplicaWithContext(ctx aws.Context, input *StopReplicationToReplicaInput, opts ...request.Option) (*StopReplicationToReplicaOutput, error)
StopReplicationToReplicaWithContext is the same as StopReplicationToReplica with the addition of the ability to pass a context and additional request options.
See StopReplicationToReplica for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) TagResource(input *TagResourceInput) (*TagResourceOutput, error)
TagResource API operation for AWS Secrets Manager.
Attaches tags to a secret. Tags consist of a key name and a value. Tags are part of the secret's metadata. They are not associated with specific versions of the secret. This operation appends tags to the existing list of tags.
For tag quotas and naming restrictions, see Service quotas for Tagging (https://docs.aws.amazon.com/general/latest/gr/arg.html#taged-reference-quotas) in the Amazon Web Services General Reference guide.
If you use tags as part of your security strategy, then adding or removing a tag can change permissions. If successfully completing this operation would result in you losing your permissions for this secret, then the operation is blocked and returns an Access Denied error.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:TagResource. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation TagResource for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
InvalidParameterException The parameter name or value is invalid.
InternalServiceError An error occurred on the server side.
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/TagResource
func (c *SecretsManager) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput)
TagResourceRequest generates a "aws/request.Request" representing the client's request for the TagResource operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See TagResource for more information on using the TagResource API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the TagResourceRequest method. req, resp := client.TagResourceRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/TagResource
func (c *SecretsManager) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error)
TagResourceWithContext is the same as TagResource with the addition of the ability to pass a context and additional request options.
See TagResource for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error)
UntagResource API operation for AWS Secrets Manager.
Removes specific tags from a secret.
This operation is idempotent. If a requested tag is not attached to the secret, no error is returned and the secret metadata is unchanged.
If you use tags as part of your security strategy, then removing a tag can change permissions. If successfully completing this operation would result in you losing your permissions for this secret, then the operation is blocked and returns an Access Denied error.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:UntagResource. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation UntagResource for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
InvalidParameterException The parameter name or value is invalid.
InternalServiceError An error occurred on the server side.
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/UntagResource
func (c *SecretsManager) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput)
UntagResourceRequest generates a "aws/request.Request" representing the client's request for the UntagResource operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See UntagResource for more information on using the UntagResource API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the UntagResourceRequest method. req, resp := client.UntagResourceRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/UntagResource
func (c *SecretsManager) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error)
UntagResourceWithContext is the same as UntagResource with the addition of the ability to pass a context and additional request options.
See UntagResource for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) UpdateSecret(input *UpdateSecretInput) (*UpdateSecretOutput, error)
UpdateSecret API operation for AWS Secrets Manager.
Modifies the details of a secret, including metadata and the secret value. To change the secret value, you can also use PutSecretValue.
To change the rotation configuration of a secret, use RotateSecret instead.
To change a secret so that it is managed by another service, you need to recreate the secret in that service. See Secrets Manager secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
We recommend you avoid calling UpdateSecret at a sustained rate of more than once every 10 minutes. When you call UpdateSecret to update the secret value, Secrets Manager creates a new version of the secret. Secrets Manager removes outdated versions when there are more than 100, but it does not remove versions created less than 24 hours ago. If you update the secret value more than once every 10 minutes, you create more versions than Secrets Manager removes, and you will reach the quota for secret versions.
If you include SecretString or SecretBinary to create a new secret version, Secrets Manager automatically moves the staging label AWSCURRENT to the new version. Then it attaches the label AWSPREVIOUS to the version that AWSCURRENT was removed from.
If you call this operation with a ClientRequestToken that matches an existing version's VersionId, the operation results in an error. You can't modify an existing version, you can only create a new version. To remove a version, remove all staging labels from it. See UpdateSecretVersionStage.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary or SecretString because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:UpdateSecret. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html). If you use a customer managed key, you must also have kms:GenerateDataKey, kms:Encrypt, and kms:Decrypt permissions on the key. If you change the KMS key and you don't have kms:Encrypt permission to the new key, Secrets Manager does not re-encrypt existing secret versions with the new key. For more information, see Secret encryption and decryption (https://docs.aws.amazon.com/secretsmanager/latest/userguide/security-encryption.html).
When you enter commands in a command shell, there is a risk of the command history being accessed or utilities having access to your command parameters. This is a concern if the command includes the value of a secret. Learn how to Mitigate the risks of using command-line tools to store Secrets Manager secrets (https://docs.aws.amazon.com/secretsmanager/latest/userguide/security_cli-exposure-risks.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation UpdateSecret for usage and error information.
Returned Error Types:
InvalidParameterException The parameter name or value is invalid.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
LimitExceededException The request failed because it would exceed one of the Secrets Manager quotas.
EncryptionFailure Secrets Manager can't encrypt the protected secret text using the provided KMS key. Check that the KMS key is available, enabled, and not in an invalid state. For more information, see Key state: Effect on your KMS key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html).
ResourceExistsException A resource with the ID you requested already exists.
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
MalformedPolicyDocumentException The resource policy has syntax errors.
InternalServiceError An error occurred on the server side.
PreconditionNotMetException The request failed because you did not complete all the prerequisite steps.
DecryptionFailure Secrets Manager can't decrypt the protected secret text using the provided KMS key.
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/UpdateSecret
func (c *SecretsManager) UpdateSecretRequest(input *UpdateSecretInput) (req *request.Request, output *UpdateSecretOutput)
UpdateSecretRequest generates a "aws/request.Request" representing the client's request for the UpdateSecret operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See UpdateSecret for more information on using the UpdateSecret API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the UpdateSecretRequest method. req, resp := client.UpdateSecretRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/UpdateSecret
func (c *SecretsManager) UpdateSecretVersionStage(input *UpdateSecretVersionStageInput) (*UpdateSecretVersionStageOutput, error)
UpdateSecretVersionStage API operation for AWS Secrets Manager.
Modifies the staging labels attached to a version of a secret. Secrets Manager uses staging labels to track a version as it progresses through the secret rotation process. Each staging label can be attached to only one version at a time. To add a staging label to a version when it is already attached to another version, Secrets Manager first removes it from the other version first and then attaches it to this one. For more information about versions and staging labels, see Concepts: Version (https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version).
The staging labels that you specify in the VersionStage parameter are added to the existing list of staging labels for the version.
You can move the AWSCURRENT staging label to this version by including it in this call.
Whenever you move AWSCURRENT, Secrets Manager automatically moves the label AWSPREVIOUS to the version that AWSCURRENT was removed from.
If this action results in the last label being removed from a version, then the version is considered to be 'deprecated' and can be deleted by Secrets Manager.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:UpdateSecretVersionStage. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation UpdateSecretVersionStage for usage and error information.
Returned Error Types:
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidParameterException The parameter name or value is invalid.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
LimitExceededException The request failed because it would exceed one of the Secrets Manager quotas.
InternalServiceError An error occurred on the server side.
func (c *SecretsManager) UpdateSecretVersionStageRequest(input *UpdateSecretVersionStageInput) (req *request.Request, output *UpdateSecretVersionStageOutput)
UpdateSecretVersionStageRequest generates a "aws/request.Request" representing the client's request for the UpdateSecretVersionStage operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See UpdateSecretVersionStage for more information on using the UpdateSecretVersionStage API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the UpdateSecretVersionStageRequest method. req, resp := client.UpdateSecretVersionStageRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) UpdateSecretVersionStageWithContext(ctx aws.Context, input *UpdateSecretVersionStageInput, opts ...request.Option) (*UpdateSecretVersionStageOutput, error)
UpdateSecretVersionStageWithContext is the same as UpdateSecretVersionStage with the addition of the ability to pass a context and additional request options.
See UpdateSecretVersionStage for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) UpdateSecretWithContext(ctx aws.Context, input *UpdateSecretInput, opts ...request.Option) (*UpdateSecretOutput, error)
UpdateSecretWithContext is the same as UpdateSecret with the addition of the ability to pass a context and additional request options.
See UpdateSecret for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (c *SecretsManager) ValidateResourcePolicy(input *ValidateResourcePolicyInput) (*ValidateResourcePolicyOutput, error)
ValidateResourcePolicy API operation for AWS Secrets Manager.
Validates that a resource policy does not grant a wide range of principals access to your secret. A resource-based policy is optional for secrets.
The API performs three checks when validating the policy:
Sends a call to Zelkova (https://aws.amazon.com/blogs/security/protect-sensitive-data-in-the-cloud-with-automated-reasoning-zelkova/), an automated reasoning engine, to ensure your resource policy does not allow broad access to your secret, for example policies that use a wildcard for the principal.
Checks for correct syntax in a policy.
Verifies the policy does not lock out a caller.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html).
Required permissions: secretsmanager:ValidateResourcePolicy and secretsmanager:PutResourcePolicy. For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html).
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS Secrets Manager's API operation ValidateResourcePolicy for usage and error information.
Returned Error Types:
MalformedPolicyDocumentException The resource policy has syntax errors.
ResourceNotFoundException Secrets Manager can't find the resource that you asked for.
InvalidParameterException The parameter name or value is invalid.
InternalServiceError An error occurred on the server side.
InvalidRequestException A parameter value is not valid for the current state of the resource.
Possible causes:
The secret is scheduled for deletion.
You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html).
func (c *SecretsManager) ValidateResourcePolicyRequest(input *ValidateResourcePolicyInput) (req *request.Request, output *ValidateResourcePolicyOutput)
ValidateResourcePolicyRequest generates a "aws/request.Request" representing the client's request for the ValidateResourcePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See ValidateResourcePolicy for more information on using the ValidateResourcePolicy API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the ValidateResourcePolicyRequest method. req, resp := client.ValidateResourcePolicyRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
func (c *SecretsManager) ValidateResourcePolicyWithContext(ctx aws.Context, input *ValidateResourcePolicyInput, opts ...request.Option) (*ValidateResourcePolicyOutput, error)
ValidateResourcePolicyWithContext is the same as ValidateResourcePolicy with the addition of the ability to pass a context and additional request options.
See ValidateResourcePolicy for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
type StopReplicationToReplicaInput struct { // The ARN of the primary secret. // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // contains filtered or unexported fields }
func (s StopReplicationToReplicaInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *StopReplicationToReplicaInput) SetSecretId(v string) *StopReplicationToReplicaInput
SetSecretId sets the SecretId field's value.
func (s StopReplicationToReplicaInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *StopReplicationToReplicaInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type StopReplicationToReplicaOutput struct { // The ARN of the promoted secret. The ARN is the same as the original primary // secret except the Region is changed. ARN *string `min:"20" type:"string"` // contains filtered or unexported fields }
func (s StopReplicationToReplicaOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *StopReplicationToReplicaOutput) SetARN(v string) *StopReplicationToReplicaOutput
SetARN sets the ARN field's value.
func (s StopReplicationToReplicaOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type Tag struct { // The key identifier, or name, of the tag. Key *string `min:"1" type:"string"` // The string value associated with the key of the tag. Value *string `type:"string"` // contains filtered or unexported fields }
A structure that contains information about a tag.
func (s Tag) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *Tag) SetKey(v string) *Tag
SetKey sets the Key field's value.
func (s *Tag) SetValue(v string) *Tag
SetValue sets the Value field's value.
func (s Tag) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *Tag) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type TagResourceInput struct { // The identifier for the secret to attach tags to. You can specify either the // Amazon Resource Name (ARN) or the friendly name of the secret. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // The tags to attach to the secret as a JSON text string argument. Each element // in the list consists of a Key and a Value. // // For storing multiple values, we recommend that you use a JSON text string // argument and specify key/value pairs. For more information, see Specifying // parameter values for the Amazon Web Services CLI (https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html) // in the Amazon Web Services CLI User Guide. // // Tags is a required field Tags []*Tag `type:"list" required:"true"` // contains filtered or unexported fields }
func (s TagResourceInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *TagResourceInput) SetSecretId(v string) *TagResourceInput
SetSecretId sets the SecretId field's value.
func (s *TagResourceInput) SetTags(v []*Tag) *TagResourceInput
SetTags sets the Tags field's value.
func (s TagResourceInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *TagResourceInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type TagResourceOutput struct {
// contains filtered or unexported fields
}
func (s TagResourceOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s TagResourceOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type UntagResourceInput struct { // The ARN or name of the secret. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // A list of tag key names to remove from the secret. You don't specify the // value. Both the key and its associated value are removed. // // This parameter requires a JSON text string argument. // // For storing multiple values, we recommend that you use a JSON text string // argument and specify key/value pairs. For more information, see Specifying // parameter values for the Amazon Web Services CLI (https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html) // in the Amazon Web Services CLI User Guide. // // TagKeys is a required field TagKeys []*string `type:"list" required:"true"` // contains filtered or unexported fields }
func (s UntagResourceInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *UntagResourceInput) SetSecretId(v string) *UntagResourceInput
SetSecretId sets the SecretId field's value.
func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput
SetTagKeys sets the TagKeys field's value.
func (s UntagResourceInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *UntagResourceInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type UntagResourceOutput struct {
// contains filtered or unexported fields
}
func (s UntagResourceOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s UntagResourceOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type UpdateSecretInput struct { // If you include SecretString or SecretBinary, then Secrets Manager creates // a new version for the secret, and this parameter specifies the unique identifier // for the new version. // // If you use the Amazon Web Services CLI or one of the Amazon Web Services // SDKs to call this operation, then you can leave this parameter empty. The // CLI or SDK generates a random UUID for you and includes it as the value for // this parameter in the request. // // If you generate a raw HTTP request to the Secrets Manager service endpoint, // then you must generate a ClientRequestToken and include it in the request. // // This value helps ensure idempotency. Secrets Manager uses this value to prevent // the accidental creation of duplicate versions if there are failures and retries // during a rotation. We recommend that you generate a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) // value to ensure uniqueness of your versions within the specified secret. ClientRequestToken *string `min:"32" type:"string" idempotencyToken:"true"` // The description of the secret. Description *string `type:"string"` // The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt // new secret versions as well as any existing versions with the staging labels // AWSCURRENT, AWSPENDING, or AWSPREVIOUS. If you don't have kms:Encrypt permission // to the new key, Secrets Manager does not re-encrypt existing secret versions // with the new key. For more information about versions and staging labels, // see Concepts: Version (https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version). // // A key alias is always prefixed by alias/, for example alias/aws/secretsmanager. // For more information, see About aliases (https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html). // // If you set this to an empty string, Secrets Manager uses the Amazon Web Services // managed key aws/secretsmanager. If this key doesn't already exist in your // account, then Secrets Manager creates it for you automatically. All users // and roles in the Amazon Web Services account automatically have access to // use aws/secretsmanager. Creating aws/secretsmanager can result in a one-time // significant delay in returning the result. // // You can only use the Amazon Web Services managed key aws/secretsmanager if // you call this operation using credentials from the same Amazon Web Services // account that owns the secret. If the secret is in a different account, then // you must use a customer managed key and provide the ARN of that KMS key in // this field. The user making the call must have permissions to both the secret // and the KMS key in their respective accounts. KmsKeyId *string `type:"string"` // The binary data to encrypt and store in the new version of the secret. We // recommend that you store your binary data in a file and then pass the contents // of the file as a parameter. // // Either SecretBinary or SecretString must have a value, but not both. // // You can't access this parameter in the Secrets Manager console. // // Sensitive: This field contains sensitive information, so the service does // not include it in CloudTrail log entries. If you create your own log entries, // you must also avoid logging the information in this field. // // SecretBinary is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by UpdateSecretInput's // String and GoString methods. // // SecretBinary is automatically base64 encoded/decoded by the SDK. SecretBinary []byte `min:"1" type:"blob" sensitive:"true"` // The ARN or name of the secret. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // The text data to encrypt and store in the new version of the secret. We recommend // you use a JSON structure of key/value pairs for your secret value. // // Either SecretBinary or SecretString must have a value, but not both. // // Sensitive: This field contains sensitive information, so the service does // not include it in CloudTrail log entries. If you create your own log entries, // you must also avoid logging the information in this field. // // SecretString is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by UpdateSecretInput's // String and GoString methods. SecretString *string `min:"1" type:"string" sensitive:"true"` // contains filtered or unexported fields }
func (s UpdateSecretInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *UpdateSecretInput) SetClientRequestToken(v string) *UpdateSecretInput
SetClientRequestToken sets the ClientRequestToken field's value.
func (s *UpdateSecretInput) SetDescription(v string) *UpdateSecretInput
SetDescription sets the Description field's value.
func (s *UpdateSecretInput) SetKmsKeyId(v string) *UpdateSecretInput
SetKmsKeyId sets the KmsKeyId field's value.
func (s *UpdateSecretInput) SetSecretBinary(v []byte) *UpdateSecretInput
SetSecretBinary sets the SecretBinary field's value.
func (s *UpdateSecretInput) SetSecretId(v string) *UpdateSecretInput
SetSecretId sets the SecretId field's value.
func (s *UpdateSecretInput) SetSecretString(v string) *UpdateSecretInput
SetSecretString sets the SecretString field's value.
func (s UpdateSecretInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *UpdateSecretInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type UpdateSecretOutput struct { // The ARN of the secret that was updated. ARN *string `min:"20" type:"string"` // The name of the secret that was updated. Name *string `min:"1" type:"string"` // If Secrets Manager created a new version of the secret during this operation, // then VersionId contains the unique identifier of the new version. VersionId *string `min:"32" type:"string"` // contains filtered or unexported fields }
func (s UpdateSecretOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *UpdateSecretOutput) SetARN(v string) *UpdateSecretOutput
SetARN sets the ARN field's value.
func (s *UpdateSecretOutput) SetName(v string) *UpdateSecretOutput
SetName sets the Name field's value.
func (s *UpdateSecretOutput) SetVersionId(v string) *UpdateSecretOutput
SetVersionId sets the VersionId field's value.
func (s UpdateSecretOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type UpdateSecretVersionStageInput struct { // The ID of the version to add the staging label to. To remove a label from // a version, then do not specify this parameter. // // If the staging label is already attached to a different version of the secret, // then you must also specify the RemoveFromVersionId parameter. MoveToVersionId *string `min:"32" type:"string"` // The ID of the version that the staging label is to be removed from. If the // staging label you are trying to attach to one version is already attached // to a different version, then you must include this parameter and specify // the version that the label is to be removed from. If the label is attached // and you either do not specify this parameter, or the version ID does not // match, then the operation fails. RemoveFromVersionId *string `min:"32" type:"string"` // The ARN or the name of the secret with the version and staging labelsto modify. // // For an ARN, we recommend that you specify a complete ARN rather than a partial // ARN. See Finding a secret from a partial ARN (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen). // // SecretId is a required field SecretId *string `min:"1" type:"string" required:"true"` // The staging label to add to this version. // // VersionStage is a required field VersionStage *string `min:"1" type:"string" required:"true"` // contains filtered or unexported fields }
func (s UpdateSecretVersionStageInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *UpdateSecretVersionStageInput) SetMoveToVersionId(v string) *UpdateSecretVersionStageInput
SetMoveToVersionId sets the MoveToVersionId field's value.
func (s *UpdateSecretVersionStageInput) SetRemoveFromVersionId(v string) *UpdateSecretVersionStageInput
SetRemoveFromVersionId sets the RemoveFromVersionId field's value.
func (s *UpdateSecretVersionStageInput) SetSecretId(v string) *UpdateSecretVersionStageInput
SetSecretId sets the SecretId field's value.
func (s *UpdateSecretVersionStageInput) SetVersionStage(v string) *UpdateSecretVersionStageInput
SetVersionStage sets the VersionStage field's value.
func (s UpdateSecretVersionStageInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *UpdateSecretVersionStageInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type UpdateSecretVersionStageOutput struct { // The ARN of the secret that was updated. ARN *string `min:"20" type:"string"` // The name of the secret that was updated. Name *string `min:"1" type:"string"` // contains filtered or unexported fields }
func (s UpdateSecretVersionStageOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *UpdateSecretVersionStageOutput) SetARN(v string) *UpdateSecretVersionStageOutput
SetARN sets the ARN field's value.
func (s *UpdateSecretVersionStageOutput) SetName(v string) *UpdateSecretVersionStageOutput
SetName sets the Name field's value.
func (s UpdateSecretVersionStageOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type ValidateResourcePolicyInput struct { // A JSON-formatted string that contains an Amazon Web Services resource-based // policy. The policy in the string identifies who can access or manage this // secret and its versions. For example policies, see Permissions policy examples // (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html). // // ResourcePolicy is a required field ResourcePolicy *string `min:"1" type:"string" required:"true"` // The ARN or name of the secret with the resource-based policy you want to // validate. SecretId *string `min:"1" type:"string"` // contains filtered or unexported fields }
func (s ValidateResourcePolicyInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ValidateResourcePolicyInput) SetResourcePolicy(v string) *ValidateResourcePolicyInput
SetResourcePolicy sets the ResourcePolicy field's value.
func (s *ValidateResourcePolicyInput) SetSecretId(v string) *ValidateResourcePolicyInput
SetSecretId sets the SecretId field's value.
func (s ValidateResourcePolicyInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ValidateResourcePolicyInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type ValidateResourcePolicyOutput struct { // True if your policy passes validation, otherwise false. PolicyValidationPassed *bool `type:"boolean"` // Validation errors if your policy didn't pass validation. ValidationErrors []*ValidationErrorsEntry `type:"list"` // contains filtered or unexported fields }
func (s ValidateResourcePolicyOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ValidateResourcePolicyOutput) SetPolicyValidationPassed(v bool) *ValidateResourcePolicyOutput
SetPolicyValidationPassed sets the PolicyValidationPassed field's value.
func (s *ValidateResourcePolicyOutput) SetValidationErrors(v []*ValidationErrorsEntry) *ValidateResourcePolicyOutput
SetValidationErrors sets the ValidationErrors field's value.
func (s ValidateResourcePolicyOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type ValidationErrorsEntry struct { // Checks the name of the policy. CheckName *string `min:"1" type:"string"` // Displays error messages if validation encounters problems during validation // of the resource policy. ErrorMessage *string `type:"string"` // contains filtered or unexported fields }
Displays errors that occurred during validation of the resource policy.
func (s ValidationErrorsEntry) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (s *ValidationErrorsEntry) SetCheckName(v string) *ValidationErrorsEntry
SetCheckName sets the CheckName field's value.
func (s *ValidationErrorsEntry) SetErrorMessage(v string) *ValidationErrorsEntry
SetErrorMessage sets the ErrorMessage field's value.
func (s ValidationErrorsEntry) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".