AWS SDK for C++  1.9.1
AWS SDK for C++
Public Member Functions | List of all members
Aws::SecretsManager::Model::UpdateSecretRequest Class Reference

#include <UpdateSecretRequest.h>

+ Inheritance diagram for Aws::SecretsManager::Model::UpdateSecretRequest:

Public Member Functions

 UpdateSecretRequest ()
 
virtual const char * GetServiceRequestName () const override
 
Aws::String SerializePayload () const override
 
Aws::Http::HeaderValueCollection GetRequestSpecificHeaders () const override
 
const Aws::StringGetSecretId () const
 
bool SecretIdHasBeenSet () const
 
void SetSecretId (const Aws::String &value)
 
void SetSecretId (Aws::String &&value)
 
void SetSecretId (const char *value)
 
UpdateSecretRequestWithSecretId (const Aws::String &value)
 
UpdateSecretRequestWithSecretId (Aws::String &&value)
 
UpdateSecretRequestWithSecretId (const char *value)
 
const Aws::StringGetClientRequestToken () const
 
bool ClientRequestTokenHasBeenSet () const
 
void SetClientRequestToken (const Aws::String &value)
 
void SetClientRequestToken (Aws::String &&value)
 
void SetClientRequestToken (const char *value)
 
UpdateSecretRequestWithClientRequestToken (const Aws::String &value)
 
UpdateSecretRequestWithClientRequestToken (Aws::String &&value)
 
UpdateSecretRequestWithClientRequestToken (const char *value)
 
const Aws::StringGetDescription () const
 
bool DescriptionHasBeenSet () const
 
void SetDescription (const Aws::String &value)
 
void SetDescription (Aws::String &&value)
 
void SetDescription (const char *value)
 
UpdateSecretRequestWithDescription (const Aws::String &value)
 
UpdateSecretRequestWithDescription (Aws::String &&value)
 
UpdateSecretRequestWithDescription (const char *value)
 
const Aws::StringGetKmsKeyId () const
 
bool KmsKeyIdHasBeenSet () const
 
void SetKmsKeyId (const Aws::String &value)
 
void SetKmsKeyId (Aws::String &&value)
 
void SetKmsKeyId (const char *value)
 
UpdateSecretRequestWithKmsKeyId (const Aws::String &value)
 
UpdateSecretRequestWithKmsKeyId (Aws::String &&value)
 
UpdateSecretRequestWithKmsKeyId (const char *value)
 
const Aws::Utils::CryptoBufferGetSecretBinary () const
 
bool SecretBinaryHasBeenSet () const
 
void SetSecretBinary (const Aws::Utils::CryptoBuffer &value)
 
void SetSecretBinary (Aws::Utils::CryptoBuffer &&value)
 
UpdateSecretRequestWithSecretBinary (const Aws::Utils::CryptoBuffer &value)
 
UpdateSecretRequestWithSecretBinary (Aws::Utils::CryptoBuffer &&value)
 
const Aws::StringGetSecretString () const
 
bool SecretStringHasBeenSet () const
 
void SetSecretString (const Aws::String &value)
 
void SetSecretString (Aws::String &&value)
 
void SetSecretString (const char *value)
 
UpdateSecretRequestWithSecretString (const Aws::String &value)
 
UpdateSecretRequestWithSecretString (Aws::String &&value)
 
UpdateSecretRequestWithSecretString (const char *value)
 
- Public Member Functions inherited from Aws::SecretsManager::SecretsManagerRequest
virtual ~SecretsManagerRequest ()
 
void AddParametersToRequest (Aws::Http::HttpRequest &httpRequest) const
 
Aws::Http::HeaderValueCollection GetHeaders () const override
 
- Public Member Functions inherited from Aws::AmazonSerializableWebServiceRequest
 AmazonSerializableWebServiceRequest ()
 
virtual ~AmazonSerializableWebServiceRequest ()
 
std::shared_ptr< Aws::IOStreamGetBody () const override
 
- Public Member Functions inherited from Aws::AmazonWebServiceRequest
 AmazonWebServiceRequest ()
 
virtual ~AmazonWebServiceRequest ()=default
 
virtual void AddQueryStringParameters (Aws::Http::URI &uri) const
 
virtual void PutToPresignedUrl (Aws::Http::URI &uri) const
 
virtual bool IsStreaming () const
 
virtual bool IsEventStreamRequest () const
 
virtual bool SignBody () const
 
virtual bool IsChunked () const
 
virtual void SetRequestSignedHandler (const RequestSignedHandler &handler)
 
virtual const RequestSignedHandlerGetRequestSignedHandler () const
 
const Aws::IOStreamFactoryGetResponseStreamFactory () const
 
void SetResponseStreamFactory (const Aws::IOStreamFactory &factory)
 
virtual void SetDataReceivedEventHandler (const Aws::Http::DataReceivedEventHandler &dataReceivedEventHandler)
 
virtual void SetDataSentEventHandler (const Aws::Http::DataSentEventHandler &dataSentEventHandler)
 
virtual void SetContinueRequestHandler (const Aws::Http::ContinueRequestHandler &continueRequestHandler)
 
virtual void SetDataReceivedEventHandler (Aws::Http::DataReceivedEventHandler &&dataReceivedEventHandler)
 
virtual void SetDataSentEventHandler (Aws::Http::DataSentEventHandler &&dataSentEventHandler)
 
virtual void SetContinueRequestHandler (Aws::Http::ContinueRequestHandler &&continueRequestHandler)
 
virtual void SetRequestRetryHandler (const RequestRetryHandler &handler)
 
virtual void SetRequestRetryHandler (RequestRetryHandler &&handler)
 
virtual const Aws::Http::DataReceivedEventHandlerGetDataReceivedEventHandler () const
 
virtual const Aws::Http::DataSentEventHandlerGetDataSentEventHandler () const
 
virtual const Aws::Http::ContinueRequestHandlerGetContinueRequestHandler () const
 
virtual const RequestRetryHandlerGetRequestRetryHandler () const
 
virtual bool ShouldComputeContentMd5 () const
 

Additional Inherited Members

- Protected Member Functions inherited from Aws::AmazonWebServiceRequest
virtual void DumpBodyToUrl (Aws::Http::URI &uri) const
 

Detailed Description

Definition at line 23 of file UpdateSecretRequest.h.

Constructor & Destructor Documentation

◆ UpdateSecretRequest()

Aws::SecretsManager::Model::UpdateSecretRequest::UpdateSecretRequest ( )

Member Function Documentation

◆ ClientRequestTokenHasBeenSet()

bool Aws::SecretsManager::Model::UpdateSecretRequest::ClientRequestTokenHasBeenSet ( ) const
inline

(Optional) If you want to add a new version to the secret, this parameter specifies a unique identifier for the new version that helps ensure idempotency.

If you use the AWS CLI or one of the AWS SDK to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes that in the request. If you don't use the SDK and instead generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a ClientRequestToken yourself for new versions and include that value in the request.

You typically only need to interact with this value if you implement your own retry logic and want to ensure that a given secret is not created twice. We recommend that you generate a UUID-type value to ensure uniqueness within the specified secret.

Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during the Lambda rotation function's processing.

  • If the ClientRequestToken value isn't already associated with a version of the secret then a new version of the secret is created.

  • If a version with this value already exists and that version's SecretString and SecretBinary values are the same as those in the request then the request is ignored (the operation is idempotent).

  • If a version with this value already exists and that version's SecretString and SecretBinary values are different from the request then an error occurs because you cannot modify an existing secret value.

This value becomes the VersionId of the new version.

Definition at line 270 of file UpdateSecretRequest.h.

◆ DescriptionHasBeenSet()

bool Aws::SecretsManager::Model::UpdateSecretRequest::DescriptionHasBeenSet ( ) const
inline

(Optional) Specifies an updated user-provided description of the secret.

Definition at line 449 of file UpdateSecretRequest.h.

◆ GetClientRequestToken()

const Aws::String& Aws::SecretsManager::Model::UpdateSecretRequest::GetClientRequestToken ( ) const
inline

(Optional) If you want to add a new version to the secret, this parameter specifies a unique identifier for the new version that helps ensure idempotency.

If you use the AWS CLI or one of the AWS SDK to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes that in the request. If you don't use the SDK and instead generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a ClientRequestToken yourself for new versions and include that value in the request.

You typically only need to interact with this value if you implement your own retry logic and want to ensure that a given secret is not created twice. We recommend that you generate a UUID-type value to ensure uniqueness within the specified secret.

Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during the Lambda rotation function's processing.

  • If the ClientRequestToken value isn't already associated with a version of the secret then a new version of the secret is created.

  • If a version with this value already exists and that version's SecretString and SecretBinary values are the same as those in the request then the request is ignored (the operation is idempotent).

  • If a version with this value already exists and that version's SecretString and SecretBinary values are different from the request then an error occurs because you cannot modify an existing secret value.

This value becomes the VersionId of the new version.

Definition at line 242 of file UpdateSecretRequest.h.

◆ GetDescription()

const Aws::String& Aws::SecretsManager::Model::UpdateSecretRequest::GetDescription ( ) const
inline

(Optional) Specifies an updated user-provided description of the secret.

Definition at line 444 of file UpdateSecretRequest.h.

◆ GetKmsKeyId()

const Aws::String& Aws::SecretsManager::Model::UpdateSecretRequest::GetKmsKeyId ( ) const
inline

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the protected text in new versions of this secret.

You can only use the account's default CMK to encrypt and decrypt if you call this operation using credentials from the same account that owns the secret. If the secret is in a different account, then you must create a custom CMK and provide the ARN of that CMK in this field. The user making the call must have permissions to both the secret and the CMK in their respective accounts.

Definition at line 492 of file UpdateSecretRequest.h.

◆ GetRequestSpecificHeaders()

Aws::Http::HeaderValueCollection Aws::SecretsManager::Model::UpdateSecretRequest::GetRequestSpecificHeaders ( ) const
overridevirtual

◆ GetSecretBinary()

const Aws::Utils::CryptoBuffer& Aws::SecretsManager::Model::UpdateSecretRequest::GetSecretBinary ( ) const
inline

(Optional) Specifies updated binary data that you want to encrypt and store in the new version of the secret. To use this parameter in the command-line tools, we recommend that you store your binary data in a file and then use the appropriate technique for your tool to pass the contents of the file as a parameter. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

This parameter is not accessible using the Secrets Manager console.

Definition at line 588 of file UpdateSecretRequest.h.

◆ GetSecretId()

const Aws::String& Aws::SecretsManager::Model::UpdateSecretRequest::GetSecretId ( ) const
inline

Specifies the secret that you want to modify or to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.

If you specify an ARN, we generally recommend that you specify a complete ARN. You can specify a partial ARN too—for example, if you don’t include the final hyphen and six random characters that Secrets Manager adds at the end of the ARN when you created the secret. A partial ARN match can work as long as it uniquely matches only one secret. However, if your secret has a name that ends in a hyphen followed by six characters (before Secrets Manager adds the hyphen and six characters to the ARN) and you try to use that as a partial ARN, then those characters cause Secrets Manager to assume that you’re specifying a complete ARN. This confusion can cause unexpected results. To avoid this situation, we recommend that you don’t create secret names ending with a hyphen followed by six characters.

If you specify an incomplete ARN without the random suffix, and instead provide the 'friendly name', you must not include the random suffix. If you do include the random suffix added by Secrets Manager, you receive either a ResourceNotFoundException or an AccessDeniedException error, depending on your permissions.

Definition at line 59 of file UpdateSecretRequest.h.

◆ GetSecretString()

const Aws::String& Aws::SecretsManager::Model::UpdateSecretRequest::GetSecretString ( ) const
inline

(Optional) Specifies updated text data that you want to encrypt and store in this new version of the secret. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

If you create this secret by using the Secrets Manager console then Secrets Manager puts the protected secret text in only the SecretString parameter. The Secrets Manager console stores the information as a JSON structure of key/value pairs that the default Lambda rotation function knows how to parse.

For storing multiple values, we recommend that you use a JSON text string argument and specify key/value pairs. For information on how to format a JSON parameter for the various command line tool environments, see Using JSON for Parameters in the AWS CLI User Guide. For example:

[{"username":"bob"},{"password":"abc123xyz456"}]

If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text. You can also 'escape' the double quote character in the embedded JSON text by prefacing each with a backslash. For example, the following string is surrounded by double-quotes. All of the embedded double quotes are escaped:

"[{\"username":"bob"},{"password":"abc123xyz456"}]"

Definition at line 669 of file UpdateSecretRequest.h.

◆ GetServiceRequestName()

virtual const char* Aws::SecretsManager::Model::UpdateSecretRequest::GetServiceRequestName ( ) const
inlineoverridevirtual

Implements Aws::AmazonWebServiceRequest.

Definition at line 32 of file UpdateSecretRequest.h.

◆ KmsKeyIdHasBeenSet()

bool Aws::SecretsManager::Model::UpdateSecretRequest::KmsKeyIdHasBeenSet ( ) const
inline

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the protected text in new versions of this secret.

You can only use the account's default CMK to encrypt and decrypt if you call this operation using credentials from the same account that owns the secret. If the secret is in a different account, then you must create a custom CMK and provide the ARN of that CMK in this field. The user making the call must have permissions to both the secret and the CMK in their respective accounts.

Definition at line 504 of file UpdateSecretRequest.h.

◆ SecretBinaryHasBeenSet()

bool Aws::SecretsManager::Model::UpdateSecretRequest::SecretBinaryHasBeenSet ( ) const
inline

(Optional) Specifies updated binary data that you want to encrypt and store in the new version of the secret. To use this parameter in the command-line tools, we recommend that you store your binary data in a file and then use the appropriate technique for your tool to pass the contents of the file as a parameter. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

This parameter is not accessible using the Secrets Manager console.

Definition at line 599 of file UpdateSecretRequest.h.

◆ SecretIdHasBeenSet()

bool Aws::SecretsManager::Model::UpdateSecretRequest::SecretIdHasBeenSet ( ) const
inline

Specifies the secret that you want to modify or to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.

If you specify an ARN, we generally recommend that you specify a complete ARN. You can specify a partial ARN too—for example, if you don’t include the final hyphen and six random characters that Secrets Manager adds at the end of the ARN when you created the secret. A partial ARN match can work as long as it uniquely matches only one secret. However, if your secret has a name that ends in a hyphen followed by six characters (before Secrets Manager adds the hyphen and six characters to the ARN) and you try to use that as a partial ARN, then those characters cause Secrets Manager to assume that you’re specifying a complete ARN. This confusion can cause unexpected results. To avoid this situation, we recommend that you don’t create secret names ending with a hyphen followed by six characters.

If you specify an incomplete ARN without the random suffix, and instead provide the 'friendly name', you must not include the random suffix. If you do include the random suffix added by Secrets Manager, you receive either a ResourceNotFoundException or an AccessDeniedException error, depending on your permissions.

Definition at line 81 of file UpdateSecretRequest.h.

◆ SecretStringHasBeenSet()

bool Aws::SecretsManager::Model::UpdateSecretRequest::SecretStringHasBeenSet ( ) const
inline

(Optional) Specifies updated text data that you want to encrypt and store in this new version of the secret. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

If you create this secret by using the Secrets Manager console then Secrets Manager puts the protected secret text in only the SecretString parameter. The Secrets Manager console stores the information as a JSON structure of key/value pairs that the default Lambda rotation function knows how to parse.

For storing multiple values, we recommend that you use a JSON text string argument and specify key/value pairs. For information on how to format a JSON parameter for the various command line tool environments, see Using JSON for Parameters in the AWS CLI User Guide. For example:

[{"username":"bob"},{"password":"abc123xyz456"}]

If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text. You can also 'escape' the double quote character in the embedded JSON text by prefacing each with a backslash. For example, the following string is surrounded by double-quotes. All of the embedded double quotes are escaped:

"[{\"username":"bob"},{"password":"abc123xyz456"}]"

Definition at line 694 of file UpdateSecretRequest.h.

◆ SerializePayload()

Aws::String Aws::SecretsManager::Model::UpdateSecretRequest::SerializePayload ( ) const
overridevirtual

Convert payload into String.

Implements Aws::AmazonSerializableWebServiceRequest.

◆ SetClientRequestToken() [1/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetClientRequestToken ( Aws::String &&  value)
inline

(Optional) If you want to add a new version to the secret, this parameter specifies a unique identifier for the new version that helps ensure idempotency.

If you use the AWS CLI or one of the AWS SDK to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes that in the request. If you don't use the SDK and instead generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a ClientRequestToken yourself for new versions and include that value in the request.

You typically only need to interact with this value if you implement your own retry logic and want to ensure that a given secret is not created twice. We recommend that you generate a UUID-type value to ensure uniqueness within the specified secret.

Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during the Lambda rotation function's processing.

  • If the ClientRequestToken value isn't already associated with a version of the secret then a new version of the secret is created.

  • If a version with this value already exists and that version's SecretString and SecretBinary values are the same as those in the request then the request is ignored (the operation is idempotent).

  • If a version with this value already exists and that version's SecretString and SecretBinary values are different from the request then an error occurs because you cannot modify an existing secret value.

This value becomes the VersionId of the new version.

Definition at line 326 of file UpdateSecretRequest.h.

◆ SetClientRequestToken() [2/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetClientRequestToken ( const Aws::String value)
inline

(Optional) If you want to add a new version to the secret, this parameter specifies a unique identifier for the new version that helps ensure idempotency.

If you use the AWS CLI or one of the AWS SDK to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes that in the request. If you don't use the SDK and instead generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a ClientRequestToken yourself for new versions and include that value in the request.

You typically only need to interact with this value if you implement your own retry logic and want to ensure that a given secret is not created twice. We recommend that you generate a UUID-type value to ensure uniqueness within the specified secret.

Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during the Lambda rotation function's processing.

  • If the ClientRequestToken value isn't already associated with a version of the secret then a new version of the secret is created.

  • If a version with this value already exists and that version's SecretString and SecretBinary values are the same as those in the request then the request is ignored (the operation is idempotent).

  • If a version with this value already exists and that version's SecretString and SecretBinary values are different from the request then an error occurs because you cannot modify an existing secret value.

This value becomes the VersionId of the new version.

Definition at line 298 of file UpdateSecretRequest.h.

◆ SetClientRequestToken() [3/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetClientRequestToken ( const char *  value)
inline

(Optional) If you want to add a new version to the secret, this parameter specifies a unique identifier for the new version that helps ensure idempotency.

If you use the AWS CLI or one of the AWS SDK to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes that in the request. If you don't use the SDK and instead generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a ClientRequestToken yourself for new versions and include that value in the request.

You typically only need to interact with this value if you implement your own retry logic and want to ensure that a given secret is not created twice. We recommend that you generate a UUID-type value to ensure uniqueness within the specified secret.

Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during the Lambda rotation function's processing.

  • If the ClientRequestToken value isn't already associated with a version of the secret then a new version of the secret is created.

  • If a version with this value already exists and that version's SecretString and SecretBinary values are the same as those in the request then the request is ignored (the operation is idempotent).

  • If a version with this value already exists and that version's SecretString and SecretBinary values are different from the request then an error occurs because you cannot modify an existing secret value.

This value becomes the VersionId of the new version.

Definition at line 354 of file UpdateSecretRequest.h.

◆ SetDescription() [1/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetDescription ( Aws::String &&  value)
inline

(Optional) Specifies an updated user-provided description of the secret.

Definition at line 459 of file UpdateSecretRequest.h.

◆ SetDescription() [2/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetDescription ( const Aws::String value)
inline

(Optional) Specifies an updated user-provided description of the secret.

Definition at line 454 of file UpdateSecretRequest.h.

◆ SetDescription() [3/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetDescription ( const char *  value)
inline

(Optional) Specifies an updated user-provided description of the secret.

Definition at line 464 of file UpdateSecretRequest.h.

◆ SetKmsKeyId() [1/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetKmsKeyId ( Aws::String &&  value)
inline

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the protected text in new versions of this secret.

You can only use the account's default CMK to encrypt and decrypt if you call this operation using credentials from the same account that owns the secret. If the secret is in a different account, then you must create a custom CMK and provide the ARN of that CMK in this field. The user making the call must have permissions to both the secret and the CMK in their respective accounts.

Definition at line 528 of file UpdateSecretRequest.h.

◆ SetKmsKeyId() [2/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetKmsKeyId ( const Aws::String value)
inline

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the protected text in new versions of this secret.

You can only use the account's default CMK to encrypt and decrypt if you call this operation using credentials from the same account that owns the secret. If the secret is in a different account, then you must create a custom CMK and provide the ARN of that CMK in this field. The user making the call must have permissions to both the secret and the CMK in their respective accounts.

Definition at line 516 of file UpdateSecretRequest.h.

◆ SetKmsKeyId() [3/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetKmsKeyId ( const char *  value)
inline

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the protected text in new versions of this secret.

You can only use the account's default CMK to encrypt and decrypt if you call this operation using credentials from the same account that owns the secret. If the secret is in a different account, then you must create a custom CMK and provide the ARN of that CMK in this field. The user making the call must have permissions to both the secret and the CMK in their respective accounts.

Definition at line 540 of file UpdateSecretRequest.h.

◆ SetSecretBinary() [1/2]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetSecretBinary ( Aws::Utils::CryptoBuffer &&  value)
inline

(Optional) Specifies updated binary data that you want to encrypt and store in the new version of the secret. To use this parameter in the command-line tools, we recommend that you store your binary data in a file and then use the appropriate technique for your tool to pass the contents of the file as a parameter. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

This parameter is not accessible using the Secrets Manager console.

Definition at line 621 of file UpdateSecretRequest.h.

◆ SetSecretBinary() [2/2]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetSecretBinary ( const Aws::Utils::CryptoBuffer value)
inline

(Optional) Specifies updated binary data that you want to encrypt and store in the new version of the secret. To use this parameter in the command-line tools, we recommend that you store your binary data in a file and then use the appropriate technique for your tool to pass the contents of the file as a parameter. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

This parameter is not accessible using the Secrets Manager console.

Definition at line 610 of file UpdateSecretRequest.h.

◆ SetSecretId() [1/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetSecretId ( Aws::String &&  value)
inline

Specifies the secret that you want to modify or to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.

If you specify an ARN, we generally recommend that you specify a complete ARN. You can specify a partial ARN too—for example, if you don’t include the final hyphen and six random characters that Secrets Manager adds at the end of the ARN when you created the secret. A partial ARN match can work as long as it uniquely matches only one secret. However, if your secret has a name that ends in a hyphen followed by six characters (before Secrets Manager adds the hyphen and six characters to the ARN) and you try to use that as a partial ARN, then those characters cause Secrets Manager to assume that you’re specifying a complete ARN. This confusion can cause unexpected results. To avoid this situation, we recommend that you don’t create secret names ending with a hyphen followed by six characters.

If you specify an incomplete ARN without the random suffix, and instead provide the 'friendly name', you must not include the random suffix. If you do include the random suffix added by Secrets Manager, you receive either a ResourceNotFoundException or an AccessDeniedException error, depending on your permissions.

Definition at line 125 of file UpdateSecretRequest.h.

◆ SetSecretId() [2/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetSecretId ( const Aws::String value)
inline

Specifies the secret that you want to modify or to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.

If you specify an ARN, we generally recommend that you specify a complete ARN. You can specify a partial ARN too—for example, if you don’t include the final hyphen and six random characters that Secrets Manager adds at the end of the ARN when you created the secret. A partial ARN match can work as long as it uniquely matches only one secret. However, if your secret has a name that ends in a hyphen followed by six characters (before Secrets Manager adds the hyphen and six characters to the ARN) and you try to use that as a partial ARN, then those characters cause Secrets Manager to assume that you’re specifying a complete ARN. This confusion can cause unexpected results. To avoid this situation, we recommend that you don’t create secret names ending with a hyphen followed by six characters.

If you specify an incomplete ARN without the random suffix, and instead provide the 'friendly name', you must not include the random suffix. If you do include the random suffix added by Secrets Manager, you receive either a ResourceNotFoundException or an AccessDeniedException error, depending on your permissions.

Definition at line 103 of file UpdateSecretRequest.h.

◆ SetSecretId() [3/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetSecretId ( const char *  value)
inline

Specifies the secret that you want to modify or to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.

If you specify an ARN, we generally recommend that you specify a complete ARN. You can specify a partial ARN too—for example, if you don’t include the final hyphen and six random characters that Secrets Manager adds at the end of the ARN when you created the secret. A partial ARN match can work as long as it uniquely matches only one secret. However, if your secret has a name that ends in a hyphen followed by six characters (before Secrets Manager adds the hyphen and six characters to the ARN) and you try to use that as a partial ARN, then those characters cause Secrets Manager to assume that you’re specifying a complete ARN. This confusion can cause unexpected results. To avoid this situation, we recommend that you don’t create secret names ending with a hyphen followed by six characters.

If you specify an incomplete ARN without the random suffix, and instead provide the 'friendly name', you must not include the random suffix. If you do include the random suffix added by Secrets Manager, you receive either a ResourceNotFoundException or an AccessDeniedException error, depending on your permissions.

Definition at line 147 of file UpdateSecretRequest.h.

◆ SetSecretString() [1/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetSecretString ( Aws::String &&  value)
inline

(Optional) Specifies updated text data that you want to encrypt and store in this new version of the secret. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

If you create this secret by using the Secrets Manager console then Secrets Manager puts the protected secret text in only the SecretString parameter. The Secrets Manager console stores the information as a JSON structure of key/value pairs that the default Lambda rotation function knows how to parse.

For storing multiple values, we recommend that you use a JSON text string argument and specify key/value pairs. For information on how to format a JSON parameter for the various command line tool environments, see Using JSON for Parameters in the AWS CLI User Guide. For example:

[{"username":"bob"},{"password":"abc123xyz456"}]

If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text. You can also 'escape' the double quote character in the embedded JSON text by prefacing each with a backslash. For example, the following string is surrounded by double-quotes. All of the embedded double quotes are escaped:

"[{\"username":"bob"},{"password":"abc123xyz456"}]"

Definition at line 744 of file UpdateSecretRequest.h.

◆ SetSecretString() [2/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetSecretString ( const Aws::String value)
inline

(Optional) Specifies updated text data that you want to encrypt and store in this new version of the secret. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

If you create this secret by using the Secrets Manager console then Secrets Manager puts the protected secret text in only the SecretString parameter. The Secrets Manager console stores the information as a JSON structure of key/value pairs that the default Lambda rotation function knows how to parse.

For storing multiple values, we recommend that you use a JSON text string argument and specify key/value pairs. For information on how to format a JSON parameter for the various command line tool environments, see Using JSON for Parameters in the AWS CLI User Guide. For example:

[{"username":"bob"},{"password":"abc123xyz456"}]

If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text. You can also 'escape' the double quote character in the embedded JSON text by prefacing each with a backslash. For example, the following string is surrounded by double-quotes. All of the embedded double quotes are escaped:

"[{\"username":"bob"},{"password":"abc123xyz456"}]"

Definition at line 719 of file UpdateSecretRequest.h.

◆ SetSecretString() [3/3]

void Aws::SecretsManager::Model::UpdateSecretRequest::SetSecretString ( const char *  value)
inline

(Optional) Specifies updated text data that you want to encrypt and store in this new version of the secret. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

If you create this secret by using the Secrets Manager console then Secrets Manager puts the protected secret text in only the SecretString parameter. The Secrets Manager console stores the information as a JSON structure of key/value pairs that the default Lambda rotation function knows how to parse.

For storing multiple values, we recommend that you use a JSON text string argument and specify key/value pairs. For information on how to format a JSON parameter for the various command line tool environments, see Using JSON for Parameters in the AWS CLI User Guide. For example:

[{"username":"bob"},{"password":"abc123xyz456"}]

If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text. You can also 'escape' the double quote character in the embedded JSON text by prefacing each with a backslash. For example, the following string is surrounded by double-quotes. All of the embedded double quotes are escaped:

"[{\"username":"bob"},{"password":"abc123xyz456"}]"

Definition at line 769 of file UpdateSecretRequest.h.

◆ WithClientRequestToken() [1/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithClientRequestToken ( Aws::String &&  value)
inline

(Optional) If you want to add a new version to the secret, this parameter specifies a unique identifier for the new version that helps ensure idempotency.

If you use the AWS CLI or one of the AWS SDK to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes that in the request. If you don't use the SDK and instead generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a ClientRequestToken yourself for new versions and include that value in the request.

You typically only need to interact with this value if you implement your own retry logic and want to ensure that a given secret is not created twice. We recommend that you generate a UUID-type value to ensure uniqueness within the specified secret.

Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during the Lambda rotation function's processing.

  • If the ClientRequestToken value isn't already associated with a version of the secret then a new version of the secret is created.

  • If a version with this value already exists and that version's SecretString and SecretBinary values are the same as those in the request then the request is ignored (the operation is idempotent).

  • If a version with this value already exists and that version's SecretString and SecretBinary values are different from the request then an error occurs because you cannot modify an existing secret value.

This value becomes the VersionId of the new version.

Definition at line 410 of file UpdateSecretRequest.h.

◆ WithClientRequestToken() [2/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithClientRequestToken ( const Aws::String value)
inline

(Optional) If you want to add a new version to the secret, this parameter specifies a unique identifier for the new version that helps ensure idempotency.

If you use the AWS CLI or one of the AWS SDK to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes that in the request. If you don't use the SDK and instead generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a ClientRequestToken yourself for new versions and include that value in the request.

You typically only need to interact with this value if you implement your own retry logic and want to ensure that a given secret is not created twice. We recommend that you generate a UUID-type value to ensure uniqueness within the specified secret.

Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during the Lambda rotation function's processing.

  • If the ClientRequestToken value isn't already associated with a version of the secret then a new version of the secret is created.

  • If a version with this value already exists and that version's SecretString and SecretBinary values are the same as those in the request then the request is ignored (the operation is idempotent).

  • If a version with this value already exists and that version's SecretString and SecretBinary values are different from the request then an error occurs because you cannot modify an existing secret value.

This value becomes the VersionId of the new version.

Definition at line 382 of file UpdateSecretRequest.h.

◆ WithClientRequestToken() [3/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithClientRequestToken ( const char *  value)
inline

(Optional) If you want to add a new version to the secret, this parameter specifies a unique identifier for the new version that helps ensure idempotency.

If you use the AWS CLI or one of the AWS SDK to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes that in the request. If you don't use the SDK and instead generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a ClientRequestToken yourself for new versions and include that value in the request.

You typically only need to interact with this value if you implement your own retry logic and want to ensure that a given secret is not created twice. We recommend that you generate a UUID-type value to ensure uniqueness within the specified secret.

Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during the Lambda rotation function's processing.

  • If the ClientRequestToken value isn't already associated with a version of the secret then a new version of the secret is created.

  • If a version with this value already exists and that version's SecretString and SecretBinary values are the same as those in the request then the request is ignored (the operation is idempotent).

  • If a version with this value already exists and that version's SecretString and SecretBinary values are different from the request then an error occurs because you cannot modify an existing secret value.

This value becomes the VersionId of the new version.

Definition at line 438 of file UpdateSecretRequest.h.

◆ WithDescription() [1/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithDescription ( Aws::String &&  value)
inline

(Optional) Specifies an updated user-provided description of the secret.

Definition at line 474 of file UpdateSecretRequest.h.

◆ WithDescription() [2/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithDescription ( const Aws::String value)
inline

(Optional) Specifies an updated user-provided description of the secret.

Definition at line 469 of file UpdateSecretRequest.h.

◆ WithDescription() [3/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithDescription ( const char *  value)
inline

(Optional) Specifies an updated user-provided description of the secret.

Definition at line 479 of file UpdateSecretRequest.h.

◆ WithKmsKeyId() [1/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithKmsKeyId ( Aws::String &&  value)
inline

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the protected text in new versions of this secret.

You can only use the account's default CMK to encrypt and decrypt if you call this operation using credentials from the same account that owns the secret. If the secret is in a different account, then you must create a custom CMK and provide the ARN of that CMK in this field. The user making the call must have permissions to both the secret and the CMK in their respective accounts.

Definition at line 564 of file UpdateSecretRequest.h.

◆ WithKmsKeyId() [2/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithKmsKeyId ( const Aws::String value)
inline

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the protected text in new versions of this secret.

You can only use the account's default CMK to encrypt and decrypt if you call this operation using credentials from the same account that owns the secret. If the secret is in a different account, then you must create a custom CMK and provide the ARN of that CMK in this field. The user making the call must have permissions to both the secret and the CMK in their respective accounts.

Definition at line 552 of file UpdateSecretRequest.h.

◆ WithKmsKeyId() [3/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithKmsKeyId ( const char *  value)
inline

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the protected text in new versions of this secret.

You can only use the account's default CMK to encrypt and decrypt if you call this operation using credentials from the same account that owns the secret. If the secret is in a different account, then you must create a custom CMK and provide the ARN of that CMK in this field. The user making the call must have permissions to both the secret and the CMK in their respective accounts.

Definition at line 576 of file UpdateSecretRequest.h.

◆ WithSecretBinary() [1/2]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithSecretBinary ( Aws::Utils::CryptoBuffer &&  value)
inline

(Optional) Specifies updated binary data that you want to encrypt and store in the new version of the secret. To use this parameter in the command-line tools, we recommend that you store your binary data in a file and then use the appropriate technique for your tool to pass the contents of the file as a parameter. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

This parameter is not accessible using the Secrets Manager console.

Definition at line 643 of file UpdateSecretRequest.h.

◆ WithSecretBinary() [2/2]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithSecretBinary ( const Aws::Utils::CryptoBuffer value)
inline

(Optional) Specifies updated binary data that you want to encrypt and store in the new version of the secret. To use this parameter in the command-line tools, we recommend that you store your binary data in a file and then use the appropriate technique for your tool to pass the contents of the file as a parameter. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

This parameter is not accessible using the Secrets Manager console.

Definition at line 632 of file UpdateSecretRequest.h.

◆ WithSecretId() [1/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithSecretId ( Aws::String &&  value)
inline

Specifies the secret that you want to modify or to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.

If you specify an ARN, we generally recommend that you specify a complete ARN. You can specify a partial ARN too—for example, if you don’t include the final hyphen and six random characters that Secrets Manager adds at the end of the ARN when you created the secret. A partial ARN match can work as long as it uniquely matches only one secret. However, if your secret has a name that ends in a hyphen followed by six characters (before Secrets Manager adds the hyphen and six characters to the ARN) and you try to use that as a partial ARN, then those characters cause Secrets Manager to assume that you’re specifying a complete ARN. This confusion can cause unexpected results. To avoid this situation, we recommend that you don’t create secret names ending with a hyphen followed by six characters.

If you specify an incomplete ARN without the random suffix, and instead provide the 'friendly name', you must not include the random suffix. If you do include the random suffix added by Secrets Manager, you receive either a ResourceNotFoundException or an AccessDeniedException error, depending on your permissions.

Definition at line 191 of file UpdateSecretRequest.h.

◆ WithSecretId() [2/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithSecretId ( const Aws::String value)
inline

Specifies the secret that you want to modify or to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.

If you specify an ARN, we generally recommend that you specify a complete ARN. You can specify a partial ARN too—for example, if you don’t include the final hyphen and six random characters that Secrets Manager adds at the end of the ARN when you created the secret. A partial ARN match can work as long as it uniquely matches only one secret. However, if your secret has a name that ends in a hyphen followed by six characters (before Secrets Manager adds the hyphen and six characters to the ARN) and you try to use that as a partial ARN, then those characters cause Secrets Manager to assume that you’re specifying a complete ARN. This confusion can cause unexpected results. To avoid this situation, we recommend that you don’t create secret names ending with a hyphen followed by six characters.

If you specify an incomplete ARN without the random suffix, and instead provide the 'friendly name', you must not include the random suffix. If you do include the random suffix added by Secrets Manager, you receive either a ResourceNotFoundException or an AccessDeniedException error, depending on your permissions.

Definition at line 169 of file UpdateSecretRequest.h.

◆ WithSecretId() [3/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithSecretId ( const char *  value)
inline

Specifies the secret that you want to modify or to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.

If you specify an ARN, we generally recommend that you specify a complete ARN. You can specify a partial ARN too—for example, if you don’t include the final hyphen and six random characters that Secrets Manager adds at the end of the ARN when you created the secret. A partial ARN match can work as long as it uniquely matches only one secret. However, if your secret has a name that ends in a hyphen followed by six characters (before Secrets Manager adds the hyphen and six characters to the ARN) and you try to use that as a partial ARN, then those characters cause Secrets Manager to assume that you’re specifying a complete ARN. This confusion can cause unexpected results. To avoid this situation, we recommend that you don’t create secret names ending with a hyphen followed by six characters.

If you specify an incomplete ARN without the random suffix, and instead provide the 'friendly name', you must not include the random suffix. If you do include the random suffix added by Secrets Manager, you receive either a ResourceNotFoundException or an AccessDeniedException error, depending on your permissions.

Definition at line 213 of file UpdateSecretRequest.h.

◆ WithSecretString() [1/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithSecretString ( Aws::String &&  value)
inline

(Optional) Specifies updated text data that you want to encrypt and store in this new version of the secret. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

If you create this secret by using the Secrets Manager console then Secrets Manager puts the protected secret text in only the SecretString parameter. The Secrets Manager console stores the information as a JSON structure of key/value pairs that the default Lambda rotation function knows how to parse.

For storing multiple values, we recommend that you use a JSON text string argument and specify key/value pairs. For information on how to format a JSON parameter for the various command line tool environments, see Using JSON for Parameters in the AWS CLI User Guide. For example:

[{"username":"bob"},{"password":"abc123xyz456"}]

If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text. You can also 'escape' the double quote character in the embedded JSON text by prefacing each with a backslash. For example, the following string is surrounded by double-quotes. All of the embedded double quotes are escaped:

"[{\"username":"bob"},{"password":"abc123xyz456"}]"

Definition at line 819 of file UpdateSecretRequest.h.

◆ WithSecretString() [2/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithSecretString ( const Aws::String value)
inline

(Optional) Specifies updated text data that you want to encrypt and store in this new version of the secret. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

If you create this secret by using the Secrets Manager console then Secrets Manager puts the protected secret text in only the SecretString parameter. The Secrets Manager console stores the information as a JSON structure of key/value pairs that the default Lambda rotation function knows how to parse.

For storing multiple values, we recommend that you use a JSON text string argument and specify key/value pairs. For information on how to format a JSON parameter for the various command line tool environments, see Using JSON for Parameters in the AWS CLI User Guide. For example:

[{"username":"bob"},{"password":"abc123xyz456"}]

If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text. You can also 'escape' the double quote character in the embedded JSON text by prefacing each with a backslash. For example, the following string is surrounded by double-quotes. All of the embedded double quotes are escaped:

"[{\"username":"bob"},{"password":"abc123xyz456"}]"

Definition at line 794 of file UpdateSecretRequest.h.

◆ WithSecretString() [3/3]

UpdateSecretRequest& Aws::SecretsManager::Model::UpdateSecretRequest::WithSecretString ( const char *  value)
inline

(Optional) Specifies updated text data that you want to encrypt and store in this new version of the secret. Either SecretBinary or SecretString must have a value, but not both. They cannot both be empty.

If you create this secret by using the Secrets Manager console then Secrets Manager puts the protected secret text in only the SecretString parameter. The Secrets Manager console stores the information as a JSON structure of key/value pairs that the default Lambda rotation function knows how to parse.

For storing multiple values, we recommend that you use a JSON text string argument and specify key/value pairs. For information on how to format a JSON parameter for the various command line tool environments, see Using JSON for Parameters in the AWS CLI User Guide. For example:

[{"username":"bob"},{"password":"abc123xyz456"}]

If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text. You can also 'escape' the double quote character in the embedded JSON text by prefacing each with a backslash. For example, the following string is surrounded by double-quotes. All of the embedded double quotes are escaped:

"[{\"username":"bob"},{"password":"abc123xyz456"}]"

Definition at line 844 of file UpdateSecretRequest.h.


The documentation for this class was generated from the following file: