Copyright | (c) 2013-2023 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Synopsis
- defaultService :: Service
- _DecryptionFailure :: AsError a => Fold a ServiceError
- _EncryptionFailure :: AsError a => Fold a ServiceError
- _InternalServiceError :: AsError a => Fold a ServiceError
- _InvalidNextTokenException :: AsError a => Fold a ServiceError
- _InvalidParameterException :: AsError a => Fold a ServiceError
- _InvalidRequestException :: AsError a => Fold a ServiceError
- _LimitExceededException :: AsError a => Fold a ServiceError
- _MalformedPolicyDocumentException :: AsError a => Fold a ServiceError
- _PreconditionNotMetException :: AsError a => Fold a ServiceError
- _PublicPolicyException :: AsError a => Fold a ServiceError
- _ResourceExistsException :: AsError a => Fold a ServiceError
- _ResourceNotFoundException :: AsError a => Fold a ServiceError
- newtype FilterNameStringType where
- FilterNameStringType' { }
- pattern FilterNameStringType_All :: FilterNameStringType
- pattern FilterNameStringType_Description :: FilterNameStringType
- pattern FilterNameStringType_Name :: FilterNameStringType
- pattern FilterNameStringType_Owning_service :: FilterNameStringType
- pattern FilterNameStringType_Primary_region :: FilterNameStringType
- pattern FilterNameStringType_Tag_key :: FilterNameStringType
- pattern FilterNameStringType_Tag_value :: FilterNameStringType
- newtype SortOrderType where
- SortOrderType' { }
- pattern SortOrderType_Asc :: SortOrderType
- pattern SortOrderType_Desc :: SortOrderType
- newtype StatusType where
- StatusType' { }
- pattern StatusType_Failed :: StatusType
- pattern StatusType_InProgress :: StatusType
- pattern StatusType_InSync :: StatusType
- data Filter = Filter' {}
- newFilter :: Filter
- filter_key :: Lens' Filter (Maybe FilterNameStringType)
- filter_values :: Lens' Filter (Maybe (NonEmpty Text))
- data ReplicaRegionType = ReplicaRegionType' {}
- newReplicaRegionType :: ReplicaRegionType
- replicaRegionType_kmsKeyId :: Lens' ReplicaRegionType (Maybe Text)
- replicaRegionType_region :: Lens' ReplicaRegionType (Maybe Text)
- data ReplicationStatusType = ReplicationStatusType' {}
- newReplicationStatusType :: ReplicationStatusType
- replicationStatusType_kmsKeyId :: Lens' ReplicationStatusType (Maybe Text)
- replicationStatusType_lastAccessedDate :: Lens' ReplicationStatusType (Maybe UTCTime)
- replicationStatusType_region :: Lens' ReplicationStatusType (Maybe Text)
- replicationStatusType_status :: Lens' ReplicationStatusType (Maybe StatusType)
- replicationStatusType_statusMessage :: Lens' ReplicationStatusType (Maybe Text)
- data RotationRulesType = RotationRulesType' {}
- newRotationRulesType :: RotationRulesType
- rotationRulesType_automaticallyAfterDays :: Lens' RotationRulesType (Maybe Natural)
- rotationRulesType_duration :: Lens' RotationRulesType (Maybe Text)
- rotationRulesType_scheduleExpression :: Lens' RotationRulesType (Maybe Text)
- data SecretListEntry = SecretListEntry' {
- arn :: Maybe Text
- createdDate :: Maybe POSIX
- deletedDate :: Maybe POSIX
- description :: Maybe Text
- kmsKeyId :: Maybe Text
- lastAccessedDate :: Maybe POSIX
- lastChangedDate :: Maybe POSIX
- lastRotatedDate :: Maybe POSIX
- name :: Maybe Text
- nextRotationDate :: Maybe POSIX
- owningService :: Maybe Text
- primaryRegion :: Maybe Text
- rotationEnabled :: Maybe Bool
- rotationLambdaARN :: Maybe Text
- rotationRules :: Maybe RotationRulesType
- secretVersionsToStages :: Maybe (HashMap Text (NonEmpty Text))
- tags :: Maybe [Tag]
- newSecretListEntry :: SecretListEntry
- secretListEntry_arn :: Lens' SecretListEntry (Maybe Text)
- secretListEntry_createdDate :: Lens' SecretListEntry (Maybe UTCTime)
- secretListEntry_deletedDate :: Lens' SecretListEntry (Maybe UTCTime)
- secretListEntry_description :: Lens' SecretListEntry (Maybe Text)
- secretListEntry_kmsKeyId :: Lens' SecretListEntry (Maybe Text)
- secretListEntry_lastAccessedDate :: Lens' SecretListEntry (Maybe UTCTime)
- secretListEntry_lastChangedDate :: Lens' SecretListEntry (Maybe UTCTime)
- secretListEntry_lastRotatedDate :: Lens' SecretListEntry (Maybe UTCTime)
- secretListEntry_name :: Lens' SecretListEntry (Maybe Text)
- secretListEntry_nextRotationDate :: Lens' SecretListEntry (Maybe UTCTime)
- secretListEntry_owningService :: Lens' SecretListEntry (Maybe Text)
- secretListEntry_primaryRegion :: Lens' SecretListEntry (Maybe Text)
- secretListEntry_rotationEnabled :: Lens' SecretListEntry (Maybe Bool)
- secretListEntry_rotationLambdaARN :: Lens' SecretListEntry (Maybe Text)
- secretListEntry_rotationRules :: Lens' SecretListEntry (Maybe RotationRulesType)
- secretListEntry_secretVersionsToStages :: Lens' SecretListEntry (Maybe (HashMap Text (NonEmpty Text)))
- secretListEntry_tags :: Lens' SecretListEntry (Maybe [Tag])
- data SecretVersionsListEntry = SecretVersionsListEntry' {}
- newSecretVersionsListEntry :: SecretVersionsListEntry
- secretVersionsListEntry_createdDate :: Lens' SecretVersionsListEntry (Maybe UTCTime)
- secretVersionsListEntry_kmsKeyIds :: Lens' SecretVersionsListEntry (Maybe [Text])
- secretVersionsListEntry_lastAccessedDate :: Lens' SecretVersionsListEntry (Maybe UTCTime)
- secretVersionsListEntry_versionId :: Lens' SecretVersionsListEntry (Maybe Text)
- secretVersionsListEntry_versionStages :: Lens' SecretVersionsListEntry (Maybe (NonEmpty Text))
- data Tag = Tag' {}
- newTag :: Tag
- tag_key :: Lens' Tag (Maybe Text)
- tag_value :: Lens' Tag (Maybe Text)
- data ValidationErrorsEntry = ValidationErrorsEntry' {}
- newValidationErrorsEntry :: ValidationErrorsEntry
- validationErrorsEntry_checkName :: Lens' ValidationErrorsEntry (Maybe Text)
- validationErrorsEntry_errorMessage :: Lens' ValidationErrorsEntry (Maybe Text)
Service Configuration
defaultService :: Service Source #
API version 2017-10-17
of the Amazon Secrets Manager SDK configuration.
Errors
_DecryptionFailure :: AsError a => Fold a ServiceError Source #
Secrets Manager can't decrypt the protected secret text using the provided KMS key.
_EncryptionFailure :: AsError a => Fold a ServiceError Source #
Secrets Manager can't encrypt the protected secret text using the provided KMS key. Check that the KMS key is available, enabled, and not in an invalid state. For more information, see Key state: Effect on your KMS key.
_InternalServiceError :: AsError a => Fold a ServiceError Source #
An error occurred on the server side.
_InvalidNextTokenException :: AsError a => Fold a ServiceError Source #
The NextToken
value is invalid.
_InvalidParameterException :: AsError a => Fold a ServiceError Source #
The parameter name or value is invalid.
_InvalidRequestException :: AsError a => Fold a ServiceError Source #
A parameter value is not valid for the current state of the resource.
Possible causes:
- The secret is scheduled for deletion.
- You tried to enable rotation on a secret that doesn't already have a Lambda function ARN configured and you didn't include such an ARN as a parameter in this call.
- The secret is managed by another service, and you must use that service to update it. For more information, see Secrets managed by other Amazon Web Services services.
_LimitExceededException :: AsError a => Fold a ServiceError Source #
The request failed because it would exceed one of the Secrets Manager quotas.
_MalformedPolicyDocumentException :: AsError a => Fold a ServiceError Source #
The resource policy has syntax errors.
_PreconditionNotMetException :: AsError a => Fold a ServiceError Source #
The request failed because you did not complete all the prerequisite steps.
_PublicPolicyException :: AsError a => Fold a ServiceError Source #
The BlockPublicPolicy
parameter is set to true, and the resource
policy did not prevent broad access to the secret.
_ResourceExistsException :: AsError a => Fold a ServiceError Source #
A resource with the ID you requested already exists.
_ResourceNotFoundException :: AsError a => Fold a ServiceError Source #
Secrets Manager can't find the resource that you asked for.
FilterNameStringType
newtype FilterNameStringType Source #
pattern FilterNameStringType_All :: FilterNameStringType | |
pattern FilterNameStringType_Description :: FilterNameStringType | |
pattern FilterNameStringType_Name :: FilterNameStringType | |
pattern FilterNameStringType_Owning_service :: FilterNameStringType | |
pattern FilterNameStringType_Primary_region :: FilterNameStringType | |
pattern FilterNameStringType_Tag_key :: FilterNameStringType | |
pattern FilterNameStringType_Tag_value :: FilterNameStringType |
Instances
SortOrderType
newtype SortOrderType Source #
pattern SortOrderType_Asc :: SortOrderType | |
pattern SortOrderType_Desc :: SortOrderType |
Instances
StatusType
newtype StatusType Source #
pattern StatusType_Failed :: StatusType | |
pattern StatusType_InProgress :: StatusType | |
pattern StatusType_InSync :: StatusType |
Instances
Filter
Allows you to add filters when you use the search function in Secrets Manager. For more information, see Find secrets in Secrets Manager.
See: newFilter
smart constructor.
Filter' | |
|
Instances
ToJSON Filter Source # | |
Defined in Amazonka.SecretsManager.Types.Filter | |
Generic Filter Source # | |
Read Filter Source # | |
Show Filter Source # | |
NFData Filter Source # | |
Defined in Amazonka.SecretsManager.Types.Filter | |
Eq Filter Source # | |
Hashable Filter Source # | |
Defined in Amazonka.SecretsManager.Types.Filter | |
type Rep Filter Source # | |
Defined in Amazonka.SecretsManager.Types.Filter type Rep Filter = D1 ('MetaData "Filter" "Amazonka.SecretsManager.Types.Filter" "amazonka-secretsmanager-2.0-8tljeZ4CwL92E7JavkDb0o" 'False) (C1 ('MetaCons "Filter'" 'PrefixI 'True) (S1 ('MetaSel ('Just "key") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe FilterNameStringType)) :*: S1 ('MetaSel ('Just "values") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe (NonEmpty Text))))) |
Create a value of Filter
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:key:Filter'
, filter_key
- The following are keys you can use:
- description: Prefix match, not case-sensitive.
- name: Prefix match, case-sensitive.
- tag-key: Prefix match, case-sensitive.
- tag-value: Prefix match, case-sensitive.
- primary-region: Prefix match, case-sensitive.
- all: Breaks the filter value string into words and then searches all attributes for matches. Not case-sensitive.
$sel:values:Filter'
, filter_values
- The keyword to filter for.
You can prefix your search value with an exclamation mark (!
) in order
to perform negation filters.
filter_key :: Lens' Filter (Maybe FilterNameStringType) Source #
The following are keys you can use:
- description: Prefix match, not case-sensitive.
- name: Prefix match, case-sensitive.
- tag-key: Prefix match, case-sensitive.
- tag-value: Prefix match, case-sensitive.
- primary-region: Prefix match, case-sensitive.
- all: Breaks the filter value string into words and then searches all attributes for matches. Not case-sensitive.
filter_values :: Lens' Filter (Maybe (NonEmpty Text)) Source #
The keyword to filter for.
You can prefix your search value with an exclamation mark (!
) in order
to perform negation filters.
ReplicaRegionType
data ReplicaRegionType Source #
A custom type that specifies a Region
and the KmsKeyId
for a replica
secret.
See: newReplicaRegionType
smart constructor.
Instances
newReplicaRegionType :: ReplicaRegionType Source #
Create a value of ReplicaRegionType
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:kmsKeyId:ReplicaRegionType'
, replicaRegionType_kmsKeyId
- The ARN, key ID, or alias of the KMS key to encrypt the secret. If you
don't include this field, Secrets Manager uses aws/secretsmanager
.
$sel:region:ReplicaRegionType'
, replicaRegionType_region
- A Region code. For a list of Region codes, see
Name and code of Regions.
replicaRegionType_kmsKeyId :: Lens' ReplicaRegionType (Maybe Text) Source #
The ARN, key ID, or alias of the KMS key to encrypt the secret. If you
don't include this field, Secrets Manager uses aws/secretsmanager
.
replicaRegionType_region :: Lens' ReplicaRegionType (Maybe Text) Source #
A Region code. For a list of Region codes, see Name and code of Regions.
ReplicationStatusType
data ReplicationStatusType Source #
A replication object consisting of a RegionReplicationStatus
object
and includes a Region, KMSKeyId, status, and status message.
See: newReplicationStatusType
smart constructor.
ReplicationStatusType' | |
|
Instances
newReplicationStatusType :: ReplicationStatusType Source #
Create a value of ReplicationStatusType
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:kmsKeyId:ReplicationStatusType'
, replicationStatusType_kmsKeyId
- Can be an ARN
, Key ID
, or Alias
.
$sel:lastAccessedDate:ReplicationStatusType'
, replicationStatusType_lastAccessedDate
- The date that the secret was last accessed in the Region. This field is
omitted if the secret has never been retrieved in the Region.
$sel:region:ReplicationStatusType'
, replicationStatusType_region
- The Region where replication occurs.
$sel:status:ReplicationStatusType'
, replicationStatusType_status
- The status can be InProgress
, Failed
, or InSync
.
$sel:statusMessage:ReplicationStatusType'
, replicationStatusType_statusMessage
- Status message such as "/Secret with this name already exists in this
region/".
replicationStatusType_kmsKeyId :: Lens' ReplicationStatusType (Maybe Text) Source #
Can be an ARN
, Key ID
, or Alias
.
replicationStatusType_lastAccessedDate :: Lens' ReplicationStatusType (Maybe UTCTime) Source #
The date that the secret was last accessed in the Region. This field is omitted if the secret has never been retrieved in the Region.
replicationStatusType_region :: Lens' ReplicationStatusType (Maybe Text) Source #
The Region where replication occurs.
replicationStatusType_status :: Lens' ReplicationStatusType (Maybe StatusType) Source #
The status can be InProgress
, Failed
, or InSync
.
replicationStatusType_statusMessage :: Lens' ReplicationStatusType (Maybe Text) Source #
Status message such as "/Secret with this name already exists in this region/".
RotationRulesType
data RotationRulesType Source #
A structure that defines the rotation configuration for the secret.
See: newRotationRulesType
smart constructor.
RotationRulesType' | |
|
Instances
newRotationRulesType :: RotationRulesType Source #
Create a value of RotationRulesType
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:automaticallyAfterDays:RotationRulesType'
, rotationRulesType_automaticallyAfterDays
- The number of days between automatic scheduled rotations of the secret.
You can use this value to check that your secret meets your compliance
guidelines for how often secrets must be rotated.
In DescribeSecret
and ListSecrets
, this value is calculated from the
rotation schedule after every successful rotation. In RotateSecret
,
you can set the rotation schedule in RotationRules
with
AutomaticallyAfterDays
or ScheduleExpression
, but not both. To set a
rotation schedule in hours, use ScheduleExpression
.
$sel:duration:RotationRulesType'
, rotationRulesType_duration
- The length of the rotation window in hours, for example 3h
for a three
hour window. Secrets Manager rotates your secret at any time during this
window. The window must not extend into the next rotation window or the
next UTC day. The window starts according to the ScheduleExpression
.
If you don't specify a Duration
, for a ScheduleExpression
in hours,
the window automatically closes after one hour. For a
ScheduleExpression
in days, the window automatically closes at the end
of the UTC day. For more information, including examples, see
Schedule expressions in Secrets Manager rotation
in the Secrets Manager Users Guide.
$sel:scheduleExpression:RotationRulesType'
, rotationRulesType_scheduleExpression
- A cron()
or rate()
expression that defines the schedule for rotating
your secret. Secrets Manager rotation schedules use UTC time zone.
Secrets Manager rotates your secret any time during a rotation window.
Secrets Manager rate()
expressions represent the interval in hours or
days that you want to rotate your secret, for example rate(12 hours)
or rate(10 days)
. You can rotate a secret as often as every four
hours. If you use a rate()
expression, the rotation window starts at
midnight. For a rate in hours, the default rotation window closes after
one hour. For a rate in days, the default rotation window closes at the
end of the day. You can set the Duration
to change the rotation
window. The rotation window must not extend into the next UTC day or
into the next rotation window.
You can use a cron()
expression to create a rotation schedule that is
more detailed than a rotation interval. For more information, including
examples, see
Schedule expressions in Secrets Manager rotation
in the Secrets Manager Users Guide. For a cron expression that
represents a schedule in hours, the default rotation window closes after
one hour. For a cron expression that represents a schedule in days, the
default rotation window closes at the end of the day. You can set the
Duration
to change the rotation window. The rotation window must not
extend into the next UTC day or into the next rotation window.
rotationRulesType_automaticallyAfterDays :: Lens' RotationRulesType (Maybe Natural) Source #
The number of days between automatic scheduled rotations of the secret. You can use this value to check that your secret meets your compliance guidelines for how often secrets must be rotated.
In DescribeSecret
and ListSecrets
, this value is calculated from the
rotation schedule after every successful rotation. In RotateSecret
,
you can set the rotation schedule in RotationRules
with
AutomaticallyAfterDays
or ScheduleExpression
, but not both. To set a
rotation schedule in hours, use ScheduleExpression
.
rotationRulesType_duration :: Lens' RotationRulesType (Maybe Text) Source #
The length of the rotation window in hours, for example 3h
for a three
hour window. Secrets Manager rotates your secret at any time during this
window. The window must not extend into the next rotation window or the
next UTC day. The window starts according to the ScheduleExpression
.
If you don't specify a Duration
, for a ScheduleExpression
in hours,
the window automatically closes after one hour. For a
ScheduleExpression
in days, the window automatically closes at the end
of the UTC day. For more information, including examples, see
Schedule expressions in Secrets Manager rotation
in the Secrets Manager Users Guide.
rotationRulesType_scheduleExpression :: Lens' RotationRulesType (Maybe Text) Source #
A cron()
or rate()
expression that defines the schedule for rotating
your secret. Secrets Manager rotation schedules use UTC time zone.
Secrets Manager rotates your secret any time during a rotation window.
Secrets Manager rate()
expressions represent the interval in hours or
days that you want to rotate your secret, for example rate(12 hours)
or rate(10 days)
. You can rotate a secret as often as every four
hours. If you use a rate()
expression, the rotation window starts at
midnight. For a rate in hours, the default rotation window closes after
one hour. For a rate in days, the default rotation window closes at the
end of the day. You can set the Duration
to change the rotation
window. The rotation window must not extend into the next UTC day or
into the next rotation window.
You can use a cron()
expression to create a rotation schedule that is
more detailed than a rotation interval. For more information, including
examples, see
Schedule expressions in Secrets Manager rotation
in the Secrets Manager Users Guide. For a cron expression that
represents a schedule in hours, the default rotation window closes after
one hour. For a cron expression that represents a schedule in days, the
default rotation window closes at the end of the day. You can set the
Duration
to change the rotation window. The rotation window must not
extend into the next UTC day or into the next rotation window.
SecretListEntry
data SecretListEntry Source #
A structure that contains the details about a secret. It does not
include the encrypted SecretString
and SecretBinary
values. To get
those values, use
GetSecretValue
.
See: newSecretListEntry
smart constructor.
SecretListEntry' | |
|
Instances
newSecretListEntry :: SecretListEntry Source #
Create a value of SecretListEntry
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:arn:SecretListEntry'
, secretListEntry_arn
- The Amazon Resource Name (ARN) of the secret.
$sel:createdDate:SecretListEntry'
, secretListEntry_createdDate
- The date and time when a secret was created.
$sel:deletedDate:SecretListEntry'
, secretListEntry_deletedDate
- The date and time the deletion of the secret occurred. Not present on
active secrets. The secret can be recovered until the number of days in
the recovery window has passed, as specified in the
RecoveryWindowInDays
parameter of the
DeleteSecret
operation.
$sel:description:SecretListEntry'
, secretListEntry_description
- The user-provided description of the secret.
$sel:kmsKeyId:SecretListEntry'
, secretListEntry_kmsKeyId
- The ARN of the KMS key that Secrets Manager uses to encrypt the secret
value. If the secret is encrypted with the Amazon Web Services managed
key aws/secretsmanager
, this field is omitted.
$sel:lastAccessedDate:SecretListEntry'
, secretListEntry_lastAccessedDate
- The date that the secret was last accessed in the Region. This field is
omitted if the secret has never been retrieved in the Region.
$sel:lastChangedDate:SecretListEntry'
, secretListEntry_lastChangedDate
- The last date and time that this secret was modified in any way.
$sel:lastRotatedDate:SecretListEntry'
, secretListEntry_lastRotatedDate
- The most recent date and time that the Secrets Manager rotation process
was successfully completed. This value is null if the secret hasn't
ever rotated.
$sel:name:SecretListEntry'
, secretListEntry_name
- The friendly name of the secret. You can use forward slashes in the name
to represent a path hierarchy. For example,
/prod/databases/dbserver1
could represent the secret for a server
named dbserver1
in the folder databases
in the folder prod
.
$sel:nextRotationDate:SecretListEntry'
, secretListEntry_nextRotationDate
- Undocumented member.
$sel:owningService:SecretListEntry'
, secretListEntry_owningService
- Returns the name of the service that created the secret.
$sel:primaryRegion:SecretListEntry'
, secretListEntry_primaryRegion
- The Region where Secrets Manager originated the secret.
$sel:rotationEnabled:SecretListEntry'
, secretListEntry_rotationEnabled
- Indicates whether automatic, scheduled rotation is enabled for this
secret.
$sel:rotationLambdaARN:SecretListEntry'
, secretListEntry_rotationLambdaARN
- The ARN of an Amazon Web Services Lambda function invoked by Secrets
Manager to rotate and expire the secret either automatically per the
schedule or manually by a call to
RotateSecret
.
$sel:rotationRules:SecretListEntry'
, secretListEntry_rotationRules
- A structure that defines the rotation configuration for the secret.
$sel:secretVersionsToStages:SecretListEntry'
, secretListEntry_secretVersionsToStages
- A list of all of the currently assigned SecretVersionStage
staging
labels and the SecretVersionId
attached to each one. Staging labels
are used to keep track of the different versions during the rotation
process.
A version that does not have any SecretVersionStage
is considered
deprecated and subject to deletion. Such versions are not included in
this list.
$sel:tags:SecretListEntry'
, secretListEntry_tags
- The list of user-defined tags associated with the secret. To add tags to
a secret, use
TagResource
. To remove tags, use
UntagResource
.
secretListEntry_arn :: Lens' SecretListEntry (Maybe Text) Source #
The Amazon Resource Name (ARN) of the secret.
secretListEntry_createdDate :: Lens' SecretListEntry (Maybe UTCTime) Source #
The date and time when a secret was created.
secretListEntry_deletedDate :: Lens' SecretListEntry (Maybe UTCTime) Source #
The date and time the deletion of the secret occurred. Not present on
active secrets. The secret can be recovered until the number of days in
the recovery window has passed, as specified in the
RecoveryWindowInDays
parameter of the
DeleteSecret
operation.
secretListEntry_description :: Lens' SecretListEntry (Maybe Text) Source #
The user-provided description of the secret.
secretListEntry_kmsKeyId :: Lens' SecretListEntry (Maybe Text) Source #
The ARN of the KMS key that Secrets Manager uses to encrypt the secret
value. If the secret is encrypted with the Amazon Web Services managed
key aws/secretsmanager
, this field is omitted.
secretListEntry_lastAccessedDate :: Lens' SecretListEntry (Maybe UTCTime) Source #
The date that the secret was last accessed in the Region. This field is omitted if the secret has never been retrieved in the Region.
secretListEntry_lastChangedDate :: Lens' SecretListEntry (Maybe UTCTime) Source #
The last date and time that this secret was modified in any way.
secretListEntry_lastRotatedDate :: Lens' SecretListEntry (Maybe UTCTime) Source #
The most recent date and time that the Secrets Manager rotation process was successfully completed. This value is null if the secret hasn't ever rotated.
secretListEntry_name :: Lens' SecretListEntry (Maybe Text) Source #
The friendly name of the secret. You can use forward slashes in the name
to represent a path hierarchy. For example,
/prod/databases/dbserver1
could represent the secret for a server
named dbserver1
in the folder databases
in the folder prod
.
secretListEntry_nextRotationDate :: Lens' SecretListEntry (Maybe UTCTime) Source #
Undocumented member.
secretListEntry_owningService :: Lens' SecretListEntry (Maybe Text) Source #
Returns the name of the service that created the secret.
secretListEntry_primaryRegion :: Lens' SecretListEntry (Maybe Text) Source #
The Region where Secrets Manager originated the secret.
secretListEntry_rotationEnabled :: Lens' SecretListEntry (Maybe Bool) Source #
Indicates whether automatic, scheduled rotation is enabled for this secret.
secretListEntry_rotationLambdaARN :: Lens' SecretListEntry (Maybe Text) Source #
The ARN of an Amazon Web Services Lambda function invoked by Secrets Manager to rotate and expire the secret either automatically per the schedule or manually by a call to RotateSecret .
secretListEntry_rotationRules :: Lens' SecretListEntry (Maybe RotationRulesType) Source #
A structure that defines the rotation configuration for the secret.
secretListEntry_secretVersionsToStages :: Lens' SecretListEntry (Maybe (HashMap Text (NonEmpty Text))) Source #
A list of all of the currently assigned SecretVersionStage
staging
labels and the SecretVersionId
attached to each one. Staging labels
are used to keep track of the different versions during the rotation
process.
A version that does not have any SecretVersionStage
is considered
deprecated and subject to deletion. Such versions are not included in
this list.
secretListEntry_tags :: Lens' SecretListEntry (Maybe [Tag]) Source #
The list of user-defined tags associated with the secret. To add tags to a secret, use TagResource . To remove tags, use UntagResource .
SecretVersionsListEntry
data SecretVersionsListEntry Source #
A structure that contains information about one version of a secret.
See: newSecretVersionsListEntry
smart constructor.
SecretVersionsListEntry' | |
|
Instances
newSecretVersionsListEntry :: SecretVersionsListEntry Source #
Create a value of SecretVersionsListEntry
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:createdDate:SecretVersionsListEntry'
, secretVersionsListEntry_createdDate
- The date and time this version of the secret was created.
$sel:kmsKeyIds:SecretVersionsListEntry'
, secretVersionsListEntry_kmsKeyIds
- The KMS keys used to encrypt the secret version.
$sel:lastAccessedDate:SecretVersionsListEntry'
, secretVersionsListEntry_lastAccessedDate
- The date that this version of the secret was last accessed. Note that
the resolution of this field is at the date level and does not include
the time.
$sel:versionId:SecretVersionsListEntry'
, secretVersionsListEntry_versionId
- The unique version identifier of this version of the secret.
$sel:versionStages:SecretVersionsListEntry'
, secretVersionsListEntry_versionStages
- An array of staging labels that are currently associated with this
version of the secret.
secretVersionsListEntry_createdDate :: Lens' SecretVersionsListEntry (Maybe UTCTime) Source #
The date and time this version of the secret was created.
secretVersionsListEntry_kmsKeyIds :: Lens' SecretVersionsListEntry (Maybe [Text]) Source #
The KMS keys used to encrypt the secret version.
secretVersionsListEntry_lastAccessedDate :: Lens' SecretVersionsListEntry (Maybe UTCTime) Source #
The date that this version of the secret was last accessed. Note that the resolution of this field is at the date level and does not include the time.
secretVersionsListEntry_versionId :: Lens' SecretVersionsListEntry (Maybe Text) Source #
The unique version identifier of this version of the secret.
secretVersionsListEntry_versionStages :: Lens' SecretVersionsListEntry (Maybe (NonEmpty Text)) Source #
An array of staging labels that are currently associated with this version of the secret.
Tag
A structure that contains information about a tag.
See: newTag
smart constructor.
Instances
FromJSON Tag Source # | |
ToJSON Tag Source # | |
Defined in Amazonka.SecretsManager.Types.Tag | |
Generic Tag Source # | |
Read Tag Source # | |
Show Tag Source # | |
NFData Tag Source # | |
Defined in Amazonka.SecretsManager.Types.Tag | |
Eq Tag Source # | |
Hashable Tag Source # | |
Defined in Amazonka.SecretsManager.Types.Tag | |
type Rep Tag Source # | |
Defined in Amazonka.SecretsManager.Types.Tag type Rep Tag = D1 ('MetaData "Tag" "Amazonka.SecretsManager.Types.Tag" "amazonka-secretsmanager-2.0-8tljeZ4CwL92E7JavkDb0o" 'False) (C1 ('MetaCons "Tag'" 'PrefixI 'True) (S1 ('MetaSel ('Just "key") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :*: S1 ('MetaSel ('Just "value") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)))) |
Create a value of Tag
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:key:Tag'
, tag_key
- The key identifier, or name, of the tag.
$sel:value:Tag'
, tag_value
- The string value associated with the key of the tag.
ValidationErrorsEntry
data ValidationErrorsEntry Source #
Displays errors that occurred during validation of the resource policy.
See: newValidationErrorsEntry
smart constructor.
Instances
newValidationErrorsEntry :: ValidationErrorsEntry Source #
Create a value of ValidationErrorsEntry
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:checkName:ValidationErrorsEntry'
, validationErrorsEntry_checkName
- Checks the name of the policy.
$sel:errorMessage:ValidationErrorsEntry'
, validationErrorsEntry_errorMessage
- Displays error messages if validation encounters problems during
validation of the resource policy.
validationErrorsEntry_checkName :: Lens' ValidationErrorsEntry (Maybe Text) Source #
Checks the name of the policy.
validationErrorsEntry_errorMessage :: Lens' ValidationErrorsEntry (Maybe Text) Source #
Displays error messages if validation encounters problems during validation of the resource policy.