/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include #include namespace Aws { namespace SecretsManager { namespace Model { /** */ class AWS_SECRETSMANAGER_API UpdateSecretRequest : public SecretsManagerRequest { public: UpdateSecretRequest(); // Service request name is the Operation name which will send this request out, // each operation should has unique request name, so that we can get operation's name from this request. // Note: this is not true for response, multiple operations may have the same response name, // so we can not get operation's name from response. inline virtual const char* GetServiceRequestName() const override { return "UpdateSecret"; } Aws::String SerializePayload() const override; Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override; /** *

Specifies the secret that you want to modify or to which you want to add a * new version. You can specify either the Amazon Resource Name (ARN) or the * friendly name of the secret.

If you specify an ARN, we generally * recommend that you specify a complete ARN. You can specify a partial ARN too—for * example, if you don’t include the final hyphen and six random characters that * Secrets Manager adds at the end of the ARN when you created the secret. A * partial ARN match can work as long as it uniquely matches only one secret. * However, if your secret has a name that ends in a hyphen followed by six * characters (before Secrets Manager adds the hyphen and six characters to the * ARN) and you try to use that as a partial ARN, then those characters cause * Secrets Manager to assume that you’re specifying a complete ARN. This confusion * can cause unexpected results. To avoid this situation, we recommend that you * don’t create secret names ending with a hyphen followed by six characters.

*

If you specify an incomplete ARN without the random suffix, and instead * provide the 'friendly name', you must not include the random suffix. If * you do include the random suffix added by Secrets Manager, you receive either a * ResourceNotFoundException or an AccessDeniedException error, * depending on your permissions.

*/ inline const Aws::String& GetSecretId() const{ return m_secretId; } /** *

Specifies the secret that you want to modify or to which you want to add a * new version. You can specify either the Amazon Resource Name (ARN) or the * friendly name of the secret.

If you specify an ARN, we generally * recommend that you specify a complete ARN. You can specify a partial ARN too—for * example, if you don’t include the final hyphen and six random characters that * Secrets Manager adds at the end of the ARN when you created the secret. A * partial ARN match can work as long as it uniquely matches only one secret. * However, if your secret has a name that ends in a hyphen followed by six * characters (before Secrets Manager adds the hyphen and six characters to the * ARN) and you try to use that as a partial ARN, then those characters cause * Secrets Manager to assume that you’re specifying a complete ARN. This confusion * can cause unexpected results. To avoid this situation, we recommend that you * don’t create secret names ending with a hyphen followed by six characters.

*

If you specify an incomplete ARN without the random suffix, and instead * provide the 'friendly name', you must not include the random suffix. If * you do include the random suffix added by Secrets Manager, you receive either a * ResourceNotFoundException or an AccessDeniedException error, * depending on your permissions.

*/ inline bool SecretIdHasBeenSet() const { return m_secretIdHasBeenSet; } /** *

Specifies the secret that you want to modify or to which you want to add a * new version. You can specify either the Amazon Resource Name (ARN) or the * friendly name of the secret.

If you specify an ARN, we generally * recommend that you specify a complete ARN. You can specify a partial ARN too—for * example, if you don’t include the final hyphen and six random characters that * Secrets Manager adds at the end of the ARN when you created the secret. A * partial ARN match can work as long as it uniquely matches only one secret. * However, if your secret has a name that ends in a hyphen followed by six * characters (before Secrets Manager adds the hyphen and six characters to the * ARN) and you try to use that as a partial ARN, then those characters cause * Secrets Manager to assume that you’re specifying a complete ARN. This confusion * can cause unexpected results. To avoid this situation, we recommend that you * don’t create secret names ending with a hyphen followed by six characters.

*

If you specify an incomplete ARN without the random suffix, and instead * provide the 'friendly name', you must not include the random suffix. If * you do include the random suffix added by Secrets Manager, you receive either a * ResourceNotFoundException or an AccessDeniedException error, * depending on your permissions.

*/ inline void SetSecretId(const Aws::String& value) { m_secretIdHasBeenSet = true; m_secretId = value; } /** *

Specifies the secret that you want to modify or to which you want to add a * new version. You can specify either the Amazon Resource Name (ARN) or the * friendly name of the secret.

If you specify an ARN, we generally * recommend that you specify a complete ARN. You can specify a partial ARN too—for * example, if you don’t include the final hyphen and six random characters that * Secrets Manager adds at the end of the ARN when you created the secret. A * partial ARN match can work as long as it uniquely matches only one secret. * However, if your secret has a name that ends in a hyphen followed by six * characters (before Secrets Manager adds the hyphen and six characters to the * ARN) and you try to use that as a partial ARN, then those characters cause * Secrets Manager to assume that you’re specifying a complete ARN. This confusion * can cause unexpected results. To avoid this situation, we recommend that you * don’t create secret names ending with a hyphen followed by six characters.

*

If you specify an incomplete ARN without the random suffix, and instead * provide the 'friendly name', you must not include the random suffix. If * you do include the random suffix added by Secrets Manager, you receive either a * ResourceNotFoundException or an AccessDeniedException error, * depending on your permissions.

*/ inline void SetSecretId(Aws::String&& value) { m_secretIdHasBeenSet = true; m_secretId = std::move(value); } /** *

Specifies the secret that you want to modify or to which you want to add a * new version. You can specify either the Amazon Resource Name (ARN) or the * friendly name of the secret.

If you specify an ARN, we generally * recommend that you specify a complete ARN. You can specify a partial ARN too—for * example, if you don’t include the final hyphen and six random characters that * Secrets Manager adds at the end of the ARN when you created the secret. A * partial ARN match can work as long as it uniquely matches only one secret. * However, if your secret has a name that ends in a hyphen followed by six * characters (before Secrets Manager adds the hyphen and six characters to the * ARN) and you try to use that as a partial ARN, then those characters cause * Secrets Manager to assume that you’re specifying a complete ARN. This confusion * can cause unexpected results. To avoid this situation, we recommend that you * don’t create secret names ending with a hyphen followed by six characters.

*

If you specify an incomplete ARN without the random suffix, and instead * provide the 'friendly name', you must not include the random suffix. If * you do include the random suffix added by Secrets Manager, you receive either a * ResourceNotFoundException or an AccessDeniedException error, * depending on your permissions.

*/ inline void SetSecretId(const char* value) { m_secretIdHasBeenSet = true; m_secretId.assign(value); } /** *

Specifies the secret that you want to modify or to which you want to add a * new version. You can specify either the Amazon Resource Name (ARN) or the * friendly name of the secret.

If you specify an ARN, we generally * recommend that you specify a complete ARN. You can specify a partial ARN too—for * example, if you don’t include the final hyphen and six random characters that * Secrets Manager adds at the end of the ARN when you created the secret. A * partial ARN match can work as long as it uniquely matches only one secret. * However, if your secret has a name that ends in a hyphen followed by six * characters (before Secrets Manager adds the hyphen and six characters to the * ARN) and you try to use that as a partial ARN, then those characters cause * Secrets Manager to assume that you’re specifying a complete ARN. This confusion * can cause unexpected results. To avoid this situation, we recommend that you * don’t create secret names ending with a hyphen followed by six characters.

*

If you specify an incomplete ARN without the random suffix, and instead * provide the 'friendly name', you must not include the random suffix. If * you do include the random suffix added by Secrets Manager, you receive either a * ResourceNotFoundException or an AccessDeniedException error, * depending on your permissions.

*/ inline UpdateSecretRequest& WithSecretId(const Aws::String& value) { SetSecretId(value); return *this;} /** *

Specifies the secret that you want to modify or to which you want to add a * new version. You can specify either the Amazon Resource Name (ARN) or the * friendly name of the secret.

If you specify an ARN, we generally * recommend that you specify a complete ARN. You can specify a partial ARN too—for * example, if you don’t include the final hyphen and six random characters that * Secrets Manager adds at the end of the ARN when you created the secret. A * partial ARN match can work as long as it uniquely matches only one secret. * However, if your secret has a name that ends in a hyphen followed by six * characters (before Secrets Manager adds the hyphen and six characters to the * ARN) and you try to use that as a partial ARN, then those characters cause * Secrets Manager to assume that you’re specifying a complete ARN. This confusion * can cause unexpected results. To avoid this situation, we recommend that you * don’t create secret names ending with a hyphen followed by six characters.

*

If you specify an incomplete ARN without the random suffix, and instead * provide the 'friendly name', you must not include the random suffix. If * you do include the random suffix added by Secrets Manager, you receive either a * ResourceNotFoundException or an AccessDeniedException error, * depending on your permissions.

*/ inline UpdateSecretRequest& WithSecretId(Aws::String&& value) { SetSecretId(std::move(value)); return *this;} /** *

Specifies the secret that you want to modify or to which you want to add a * new version. You can specify either the Amazon Resource Name (ARN) or the * friendly name of the secret.

If you specify an ARN, we generally * recommend that you specify a complete ARN. You can specify a partial ARN too—for * example, if you don’t include the final hyphen and six random characters that * Secrets Manager adds at the end of the ARN when you created the secret. A * partial ARN match can work as long as it uniquely matches only one secret. * However, if your secret has a name that ends in a hyphen followed by six * characters (before Secrets Manager adds the hyphen and six characters to the * ARN) and you try to use that as a partial ARN, then those characters cause * Secrets Manager to assume that you’re specifying a complete ARN. This confusion * can cause unexpected results. To avoid this situation, we recommend that you * don’t create secret names ending with a hyphen followed by six characters.

*

If you specify an incomplete ARN without the random suffix, and instead * provide the 'friendly name', you must not include the random suffix. If * you do include the random suffix added by Secrets Manager, you receive either a * ResourceNotFoundException or an AccessDeniedException error, * depending on your permissions.

*/ inline UpdateSecretRequest& WithSecretId(const char* value) { SetSecretId(value); return *this;} /** *

(Optional) If you want to add a new version to the secret, this parameter * specifies a unique identifier for the new version that helps ensure idempotency. *

If you use the AWS CLI or one of the AWS SDK to call this operation, * then you can leave this parameter empty. The CLI or SDK generates a random UUID * for you and includes that in the request. If you don't use the SDK and instead * generate a raw HTTP request to the Secrets Manager service endpoint, then you * must generate a ClientRequestToken yourself for new versions and * include that value in the request.

You typically only need to interact * with this value if you implement your own retry logic and want to ensure that a * given secret is not created twice. We recommend that you generate a UUID-type * value to ensure uniqueness within the specified secret.

Secrets Manager * uses this value to prevent the accidental creation of duplicate versions if * there are failures and retries during the Lambda rotation function's * processing.

  • If the ClientRequestToken value isn't * already associated with a version of the secret then a new version of the secret * is created.

  • If a version with this value already exists and * that version's SecretString and SecretBinary values * are the same as those in the request then the request is ignored (the operation * is idempotent).

  • If a version with this value already exists * and that version's SecretString and SecretBinary * values are different from the request then an error occurs because you cannot * modify an existing secret value.

This value becomes the * VersionId of the new version.

*/ inline const Aws::String& GetClientRequestToken() const{ return m_clientRequestToken; } /** *

(Optional) If you want to add a new version to the secret, this parameter * specifies a unique identifier for the new version that helps ensure idempotency. *

If you use the AWS CLI or one of the AWS SDK to call this operation, * then you can leave this parameter empty. The CLI or SDK generates a random UUID * for you and includes that in the request. If you don't use the SDK and instead * generate a raw HTTP request to the Secrets Manager service endpoint, then you * must generate a ClientRequestToken yourself for new versions and * include that value in the request.

You typically only need to interact * with this value if you implement your own retry logic and want to ensure that a * given secret is not created twice. We recommend that you generate a UUID-type * value to ensure uniqueness within the specified secret.

Secrets Manager * uses this value to prevent the accidental creation of duplicate versions if * there are failures and retries during the Lambda rotation function's * processing.

  • If the ClientRequestToken value isn't * already associated with a version of the secret then a new version of the secret * is created.

  • If a version with this value already exists and * that version's SecretString and SecretBinary values * are the same as those in the request then the request is ignored (the operation * is idempotent).

  • If a version with this value already exists * and that version's SecretString and SecretBinary * values are different from the request then an error occurs because you cannot * modify an existing secret value.

This value becomes the * VersionId of the new version.

*/ inline bool ClientRequestTokenHasBeenSet() const { return m_clientRequestTokenHasBeenSet; } /** *

(Optional) If you want to add a new version to the secret, this parameter * specifies a unique identifier for the new version that helps ensure idempotency. *

If you use the AWS CLI or one of the AWS SDK to call this operation, * then you can leave this parameter empty. The CLI or SDK generates a random UUID * for you and includes that in the request. If you don't use the SDK and instead * generate a raw HTTP request to the Secrets Manager service endpoint, then you * must generate a ClientRequestToken yourself for new versions and * include that value in the request.

You typically only need to interact * with this value if you implement your own retry logic and want to ensure that a * given secret is not created twice. We recommend that you generate a UUID-type * value to ensure uniqueness within the specified secret.

Secrets Manager * uses this value to prevent the accidental creation of duplicate versions if * there are failures and retries during the Lambda rotation function's * processing.

  • If the ClientRequestToken value isn't * already associated with a version of the secret then a new version of the secret * is created.

  • If a version with this value already exists and * that version's SecretString and SecretBinary values * are the same as those in the request then the request is ignored (the operation * is idempotent).

  • If a version with this value already exists * and that version's SecretString and SecretBinary * values are different from the request then an error occurs because you cannot * modify an existing secret value.

This value becomes the * VersionId of the new version.

*/ inline void SetClientRequestToken(const Aws::String& value) { m_clientRequestTokenHasBeenSet = true; m_clientRequestToken = value; } /** *

(Optional) If you want to add a new version to the secret, this parameter * specifies a unique identifier for the new version that helps ensure idempotency. *

If you use the AWS CLI or one of the AWS SDK to call this operation, * then you can leave this parameter empty. The CLI or SDK generates a random UUID * for you and includes that in the request. If you don't use the SDK and instead * generate a raw HTTP request to the Secrets Manager service endpoint, then you * must generate a ClientRequestToken yourself for new versions and * include that value in the request.

You typically only need to interact * with this value if you implement your own retry logic and want to ensure that a * given secret is not created twice. We recommend that you generate a UUID-type * value to ensure uniqueness within the specified secret.

Secrets Manager * uses this value to prevent the accidental creation of duplicate versions if * there are failures and retries during the Lambda rotation function's * processing.

  • If the ClientRequestToken value isn't * already associated with a version of the secret then a new version of the secret * is created.

  • If a version with this value already exists and * that version's SecretString and SecretBinary values * are the same as those in the request then the request is ignored (the operation * is idempotent).

  • If a version with this value already exists * and that version's SecretString and SecretBinary * values are different from the request then an error occurs because you cannot * modify an existing secret value.

This value becomes the * VersionId of the new version.

*/ inline void SetClientRequestToken(Aws::String&& value) { m_clientRequestTokenHasBeenSet = true; m_clientRequestToken = std::move(value); } /** *

(Optional) If you want to add a new version to the secret, this parameter * specifies a unique identifier for the new version that helps ensure idempotency. *

If you use the AWS CLI or one of the AWS SDK to call this operation, * then you can leave this parameter empty. The CLI or SDK generates a random UUID * for you and includes that in the request. If you don't use the SDK and instead * generate a raw HTTP request to the Secrets Manager service endpoint, then you * must generate a ClientRequestToken yourself for new versions and * include that value in the request.

You typically only need to interact * with this value if you implement your own retry logic and want to ensure that a * given secret is not created twice. We recommend that you generate a UUID-type * value to ensure uniqueness within the specified secret.

Secrets Manager * uses this value to prevent the accidental creation of duplicate versions if * there are failures and retries during the Lambda rotation function's * processing.

  • If the ClientRequestToken value isn't * already associated with a version of the secret then a new version of the secret * is created.

  • If a version with this value already exists and * that version's SecretString and SecretBinary values * are the same as those in the request then the request is ignored (the operation * is idempotent).

  • If a version with this value already exists * and that version's SecretString and SecretBinary * values are different from the request then an error occurs because you cannot * modify an existing secret value.

This value becomes the * VersionId of the new version.

*/ inline void SetClientRequestToken(const char* value) { m_clientRequestTokenHasBeenSet = true; m_clientRequestToken.assign(value); } /** *

(Optional) If you want to add a new version to the secret, this parameter * specifies a unique identifier for the new version that helps ensure idempotency. *

If you use the AWS CLI or one of the AWS SDK to call this operation, * then you can leave this parameter empty. The CLI or SDK generates a random UUID * for you and includes that in the request. If you don't use the SDK and instead * generate a raw HTTP request to the Secrets Manager service endpoint, then you * must generate a ClientRequestToken yourself for new versions and * include that value in the request.

You typically only need to interact * with this value if you implement your own retry logic and want to ensure that a * given secret is not created twice. We recommend that you generate a UUID-type * value to ensure uniqueness within the specified secret.

Secrets Manager * uses this value to prevent the accidental creation of duplicate versions if * there are failures and retries during the Lambda rotation function's * processing.

  • If the ClientRequestToken value isn't * already associated with a version of the secret then a new version of the secret * is created.

  • If a version with this value already exists and * that version's SecretString and SecretBinary values * are the same as those in the request then the request is ignored (the operation * is idempotent).

  • If a version with this value already exists * and that version's SecretString and SecretBinary * values are different from the request then an error occurs because you cannot * modify an existing secret value.

This value becomes the * VersionId of the new version.

*/ inline UpdateSecretRequest& WithClientRequestToken(const Aws::String& value) { SetClientRequestToken(value); return *this;} /** *

(Optional) If you want to add a new version to the secret, this parameter * specifies a unique identifier for the new version that helps ensure idempotency. *

If you use the AWS CLI or one of the AWS SDK to call this operation, * then you can leave this parameter empty. The CLI or SDK generates a random UUID * for you and includes that in the request. If you don't use the SDK and instead * generate a raw HTTP request to the Secrets Manager service endpoint, then you * must generate a ClientRequestToken yourself for new versions and * include that value in the request.

You typically only need to interact * with this value if you implement your own retry logic and want to ensure that a * given secret is not created twice. We recommend that you generate a UUID-type * value to ensure uniqueness within the specified secret.

Secrets Manager * uses this value to prevent the accidental creation of duplicate versions if * there are failures and retries during the Lambda rotation function's * processing.

  • If the ClientRequestToken value isn't * already associated with a version of the secret then a new version of the secret * is created.

  • If a version with this value already exists and * that version's SecretString and SecretBinary values * are the same as those in the request then the request is ignored (the operation * is idempotent).

  • If a version with this value already exists * and that version's SecretString and SecretBinary * values are different from the request then an error occurs because you cannot * modify an existing secret value.

This value becomes the * VersionId of the new version.

*/ inline UpdateSecretRequest& WithClientRequestToken(Aws::String&& value) { SetClientRequestToken(std::move(value)); return *this;} /** *

(Optional) If you want to add a new version to the secret, this parameter * specifies a unique identifier for the new version that helps ensure idempotency. *

If you use the AWS CLI or one of the AWS SDK to call this operation, * then you can leave this parameter empty. The CLI or SDK generates a random UUID * for you and includes that in the request. If you don't use the SDK and instead * generate a raw HTTP request to the Secrets Manager service endpoint, then you * must generate a ClientRequestToken yourself for new versions and * include that value in the request.

You typically only need to interact * with this value if you implement your own retry logic and want to ensure that a * given secret is not created twice. We recommend that you generate a UUID-type * value to ensure uniqueness within the specified secret.

Secrets Manager * uses this value to prevent the accidental creation of duplicate versions if * there are failures and retries during the Lambda rotation function's * processing.

  • If the ClientRequestToken value isn't * already associated with a version of the secret then a new version of the secret * is created.

  • If a version with this value already exists and * that version's SecretString and SecretBinary values * are the same as those in the request then the request is ignored (the operation * is idempotent).

  • If a version with this value already exists * and that version's SecretString and SecretBinary * values are different from the request then an error occurs because you cannot * modify an existing secret value.

This value becomes the * VersionId of the new version.

*/ inline UpdateSecretRequest& WithClientRequestToken(const char* value) { SetClientRequestToken(value); return *this;} /** *

(Optional) Specifies an updated user-provided description of the secret.

*/ inline const Aws::String& GetDescription() const{ return m_description; } /** *

(Optional) Specifies an updated user-provided description of the secret.

*/ inline bool DescriptionHasBeenSet() const { return m_descriptionHasBeenSet; } /** *

(Optional) Specifies an updated user-provided description of the secret.

*/ inline void SetDescription(const Aws::String& value) { m_descriptionHasBeenSet = true; m_description = value; } /** *

(Optional) Specifies an updated user-provided description of the secret.

*/ inline void SetDescription(Aws::String&& value) { m_descriptionHasBeenSet = true; m_description = std::move(value); } /** *

(Optional) Specifies an updated user-provided description of the secret.

*/ inline void SetDescription(const char* value) { m_descriptionHasBeenSet = true; m_description.assign(value); } /** *

(Optional) Specifies an updated user-provided description of the secret.

*/ inline UpdateSecretRequest& WithDescription(const Aws::String& value) { SetDescription(value); return *this;} /** *

(Optional) Specifies an updated user-provided description of the secret.

*/ inline UpdateSecretRequest& WithDescription(Aws::String&& value) { SetDescription(std::move(value)); return *this;} /** *

(Optional) Specifies an updated user-provided description of the secret.

*/ inline UpdateSecretRequest& WithDescription(const char* value) { SetDescription(value); return *this;} /** *

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master * key (CMK) to be used to encrypt the protected text in new versions of this * secret.

You can only use the account's default CMK to encrypt * and decrypt if you call this operation using credentials from the same account * that owns the secret. If the secret is in a different account, then you must * create a custom CMK and provide the ARN of that CMK in this field. The user * making the call must have permissions to both the secret and the CMK in their * respective accounts.

*/ inline const Aws::String& GetKmsKeyId() const{ return m_kmsKeyId; } /** *

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master * key (CMK) to be used to encrypt the protected text in new versions of this * secret.

You can only use the account's default CMK to encrypt * and decrypt if you call this operation using credentials from the same account * that owns the secret. If the secret is in a different account, then you must * create a custom CMK and provide the ARN of that CMK in this field. The user * making the call must have permissions to both the secret and the CMK in their * respective accounts.

*/ inline bool KmsKeyIdHasBeenSet() const { return m_kmsKeyIdHasBeenSet; } /** *

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master * key (CMK) to be used to encrypt the protected text in new versions of this * secret.

You can only use the account's default CMK to encrypt * and decrypt if you call this operation using credentials from the same account * that owns the secret. If the secret is in a different account, then you must * create a custom CMK and provide the ARN of that CMK in this field. The user * making the call must have permissions to both the secret and the CMK in their * respective accounts.

*/ inline void SetKmsKeyId(const Aws::String& value) { m_kmsKeyIdHasBeenSet = true; m_kmsKeyId = value; } /** *

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master * key (CMK) to be used to encrypt the protected text in new versions of this * secret.

You can only use the account's default CMK to encrypt * and decrypt if you call this operation using credentials from the same account * that owns the secret. If the secret is in a different account, then you must * create a custom CMK and provide the ARN of that CMK in this field. The user * making the call must have permissions to both the secret and the CMK in their * respective accounts.

*/ inline void SetKmsKeyId(Aws::String&& value) { m_kmsKeyIdHasBeenSet = true; m_kmsKeyId = std::move(value); } /** *

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master * key (CMK) to be used to encrypt the protected text in new versions of this * secret.

You can only use the account's default CMK to encrypt * and decrypt if you call this operation using credentials from the same account * that owns the secret. If the secret is in a different account, then you must * create a custom CMK and provide the ARN of that CMK in this field. The user * making the call must have permissions to both the secret and the CMK in their * respective accounts.

*/ inline void SetKmsKeyId(const char* value) { m_kmsKeyIdHasBeenSet = true; m_kmsKeyId.assign(value); } /** *

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master * key (CMK) to be used to encrypt the protected text in new versions of this * secret.

You can only use the account's default CMK to encrypt * and decrypt if you call this operation using credentials from the same account * that owns the secret. If the secret is in a different account, then you must * create a custom CMK and provide the ARN of that CMK in this field. The user * making the call must have permissions to both the secret and the CMK in their * respective accounts.

*/ inline UpdateSecretRequest& WithKmsKeyId(const Aws::String& value) { SetKmsKeyId(value); return *this;} /** *

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master * key (CMK) to be used to encrypt the protected text in new versions of this * secret.

You can only use the account's default CMK to encrypt * and decrypt if you call this operation using credentials from the same account * that owns the secret. If the secret is in a different account, then you must * create a custom CMK and provide the ARN of that CMK in this field. The user * making the call must have permissions to both the secret and the CMK in their * respective accounts.

*/ inline UpdateSecretRequest& WithKmsKeyId(Aws::String&& value) { SetKmsKeyId(std::move(value)); return *this;} /** *

(Optional) Specifies an updated ARN or alias of the AWS KMS customer master * key (CMK) to be used to encrypt the protected text in new versions of this * secret.

You can only use the account's default CMK to encrypt * and decrypt if you call this operation using credentials from the same account * that owns the secret. If the secret is in a different account, then you must * create a custom CMK and provide the ARN of that CMK in this field. The user * making the call must have permissions to both the secret and the CMK in their * respective accounts.

*/ inline UpdateSecretRequest& WithKmsKeyId(const char* value) { SetKmsKeyId(value); return *this;} /** *

(Optional) Specifies updated binary data that you want to encrypt and store * in the new version of the secret. To use this parameter in the command-line * tools, we recommend that you store your binary data in a file and then use the * appropriate technique for your tool to pass the contents of the file as a * parameter. Either SecretBinary or SecretString must * have a value, but not both. They cannot both be empty.

This parameter is * not accessible using the Secrets Manager console.

*/ inline const Aws::Utils::CryptoBuffer& GetSecretBinary() const{ return m_secretBinary; } /** *

(Optional) Specifies updated binary data that you want to encrypt and store * in the new version of the secret. To use this parameter in the command-line * tools, we recommend that you store your binary data in a file and then use the * appropriate technique for your tool to pass the contents of the file as a * parameter. Either SecretBinary or SecretString must * have a value, but not both. They cannot both be empty.

This parameter is * not accessible using the Secrets Manager console.

*/ inline bool SecretBinaryHasBeenSet() const { return m_secretBinaryHasBeenSet; } /** *

(Optional) Specifies updated binary data that you want to encrypt and store * in the new version of the secret. To use this parameter in the command-line * tools, we recommend that you store your binary data in a file and then use the * appropriate technique for your tool to pass the contents of the file as a * parameter. Either SecretBinary or SecretString must * have a value, but not both. They cannot both be empty.

This parameter is * not accessible using the Secrets Manager console.

*/ inline void SetSecretBinary(const Aws::Utils::CryptoBuffer& value) { m_secretBinaryHasBeenSet = true; m_secretBinary = value; } /** *

(Optional) Specifies updated binary data that you want to encrypt and store * in the new version of the secret. To use this parameter in the command-line * tools, we recommend that you store your binary data in a file and then use the * appropriate technique for your tool to pass the contents of the file as a * parameter. Either SecretBinary or SecretString must * have a value, but not both. They cannot both be empty.

This parameter is * not accessible using the Secrets Manager console.

*/ inline void SetSecretBinary(Aws::Utils::CryptoBuffer&& value) { m_secretBinaryHasBeenSet = true; m_secretBinary = std::move(value); } /** *

(Optional) Specifies updated binary data that you want to encrypt and store * in the new version of the secret. To use this parameter in the command-line * tools, we recommend that you store your binary data in a file and then use the * appropriate technique for your tool to pass the contents of the file as a * parameter. Either SecretBinary or SecretString must * have a value, but not both. They cannot both be empty.

This parameter is * not accessible using the Secrets Manager console.

*/ inline UpdateSecretRequest& WithSecretBinary(const Aws::Utils::CryptoBuffer& value) { SetSecretBinary(value); return *this;} /** *

(Optional) Specifies updated binary data that you want to encrypt and store * in the new version of the secret. To use this parameter in the command-line * tools, we recommend that you store your binary data in a file and then use the * appropriate technique for your tool to pass the contents of the file as a * parameter. Either SecretBinary or SecretString must * have a value, but not both. They cannot both be empty.

This parameter is * not accessible using the Secrets Manager console.

*/ inline UpdateSecretRequest& WithSecretBinary(Aws::Utils::CryptoBuffer&& value) { SetSecretBinary(std::move(value)); return *this;} /** *

(Optional) Specifies updated text data that you want to encrypt and store in * this new version of the secret. Either SecretBinary or * SecretString must have a value, but not both. They cannot both be * empty.

If you create this secret by using the Secrets Manager console * then Secrets Manager puts the protected secret text in only the * SecretString parameter. The Secrets Manager console stores the * information as a JSON structure of key/value pairs that the default Lambda * rotation function knows how to parse.

For storing multiple values, we * recommend that you use a JSON text string argument and specify key/value pairs. * For information on how to format a JSON parameter for the various command line * tool environments, see Using * JSON for Parameters in the AWS CLI User Guide. For example:

* [{"username":"bob"},{"password":"abc123xyz456"}]

If your * command-line tool or SDK requires quotation marks around the parameter, you * should use single quotes to avoid confusion with the double quotes required in * the JSON text. You can also 'escape' the double quote character in the embedded * JSON text by prefacing each with a backslash. For example, the following string * is surrounded by double-quotes. All of the embedded double quotes are * escaped:

* "[{\"username\":\"bob\"},{\"password\":\"abc123xyz456\"}]"

*/ inline const Aws::String& GetSecretString() const{ return m_secretString; } /** *

(Optional) Specifies updated text data that you want to encrypt and store in * this new version of the secret. Either SecretBinary or * SecretString must have a value, but not both. They cannot both be * empty.

If you create this secret by using the Secrets Manager console * then Secrets Manager puts the protected secret text in only the * SecretString parameter. The Secrets Manager console stores the * information as a JSON structure of key/value pairs that the default Lambda * rotation function knows how to parse.

For storing multiple values, we * recommend that you use a JSON text string argument and specify key/value pairs. * For information on how to format a JSON parameter for the various command line * tool environments, see Using * JSON for Parameters in the AWS CLI User Guide. For example:

* [{"username":"bob"},{"password":"abc123xyz456"}]

If your * command-line tool or SDK requires quotation marks around the parameter, you * should use single quotes to avoid confusion with the double quotes required in * the JSON text. You can also 'escape' the double quote character in the embedded * JSON text by prefacing each with a backslash. For example, the following string * is surrounded by double-quotes. All of the embedded double quotes are * escaped:

* "[{\"username\":\"bob\"},{\"password\":\"abc123xyz456\"}]"

*/ inline bool SecretStringHasBeenSet() const { return m_secretStringHasBeenSet; } /** *

(Optional) Specifies updated text data that you want to encrypt and store in * this new version of the secret. Either SecretBinary or * SecretString must have a value, but not both. They cannot both be * empty.

If you create this secret by using the Secrets Manager console * then Secrets Manager puts the protected secret text in only the * SecretString parameter. The Secrets Manager console stores the * information as a JSON structure of key/value pairs that the default Lambda * rotation function knows how to parse.

For storing multiple values, we * recommend that you use a JSON text string argument and specify key/value pairs. * For information on how to format a JSON parameter for the various command line * tool environments, see Using * JSON for Parameters in the AWS CLI User Guide. For example:

* [{"username":"bob"},{"password":"abc123xyz456"}]

If your * command-line tool or SDK requires quotation marks around the parameter, you * should use single quotes to avoid confusion with the double quotes required in * the JSON text. You can also 'escape' the double quote character in the embedded * JSON text by prefacing each with a backslash. For example, the following string * is surrounded by double-quotes. All of the embedded double quotes are * escaped:

* "[{\"username\":\"bob\"},{\"password\":\"abc123xyz456\"}]"

*/ inline void SetSecretString(const Aws::String& value) { m_secretStringHasBeenSet = true; m_secretString = value; } /** *

(Optional) Specifies updated text data that you want to encrypt and store in * this new version of the secret. Either SecretBinary or * SecretString must have a value, but not both. They cannot both be * empty.

If you create this secret by using the Secrets Manager console * then Secrets Manager puts the protected secret text in only the * SecretString parameter. The Secrets Manager console stores the * information as a JSON structure of key/value pairs that the default Lambda * rotation function knows how to parse.

For storing multiple values, we * recommend that you use a JSON text string argument and specify key/value pairs. * For information on how to format a JSON parameter for the various command line * tool environments, see Using * JSON for Parameters in the AWS CLI User Guide. For example:

* [{"username":"bob"},{"password":"abc123xyz456"}]

If your * command-line tool or SDK requires quotation marks around the parameter, you * should use single quotes to avoid confusion with the double quotes required in * the JSON text. You can also 'escape' the double quote character in the embedded * JSON text by prefacing each with a backslash. For example, the following string * is surrounded by double-quotes. All of the embedded double quotes are * escaped:

* "[{\"username\":\"bob\"},{\"password\":\"abc123xyz456\"}]"

*/ inline void SetSecretString(Aws::String&& value) { m_secretStringHasBeenSet = true; m_secretString = std::move(value); } /** *

(Optional) Specifies updated text data that you want to encrypt and store in * this new version of the secret. Either SecretBinary or * SecretString must have a value, but not both. They cannot both be * empty.

If you create this secret by using the Secrets Manager console * then Secrets Manager puts the protected secret text in only the * SecretString parameter. The Secrets Manager console stores the * information as a JSON structure of key/value pairs that the default Lambda * rotation function knows how to parse.

For storing multiple values, we * recommend that you use a JSON text string argument and specify key/value pairs. * For information on how to format a JSON parameter for the various command line * tool environments, see Using * JSON for Parameters in the AWS CLI User Guide. For example:

* [{"username":"bob"},{"password":"abc123xyz456"}]

If your * command-line tool or SDK requires quotation marks around the parameter, you * should use single quotes to avoid confusion with the double quotes required in * the JSON text. You can also 'escape' the double quote character in the embedded * JSON text by prefacing each with a backslash. For example, the following string * is surrounded by double-quotes. All of the embedded double quotes are * escaped:

* "[{\"username\":\"bob\"},{\"password\":\"abc123xyz456\"}]"

*/ inline void SetSecretString(const char* value) { m_secretStringHasBeenSet = true; m_secretString.assign(value); } /** *

(Optional) Specifies updated text data that you want to encrypt and store in * this new version of the secret. Either SecretBinary or * SecretString must have a value, but not both. They cannot both be * empty.

If you create this secret by using the Secrets Manager console * then Secrets Manager puts the protected secret text in only the * SecretString parameter. The Secrets Manager console stores the * information as a JSON structure of key/value pairs that the default Lambda * rotation function knows how to parse.

For storing multiple values, we * recommend that you use a JSON text string argument and specify key/value pairs. * For information on how to format a JSON parameter for the various command line * tool environments, see Using * JSON for Parameters in the AWS CLI User Guide. For example:

* [{"username":"bob"},{"password":"abc123xyz456"}]

If your * command-line tool or SDK requires quotation marks around the parameter, you * should use single quotes to avoid confusion with the double quotes required in * the JSON text. You can also 'escape' the double quote character in the embedded * JSON text by prefacing each with a backslash. For example, the following string * is surrounded by double-quotes. All of the embedded double quotes are * escaped:

* "[{\"username\":\"bob\"},{\"password\":\"abc123xyz456\"}]"

*/ inline UpdateSecretRequest& WithSecretString(const Aws::String& value) { SetSecretString(value); return *this;} /** *

(Optional) Specifies updated text data that you want to encrypt and store in * this new version of the secret. Either SecretBinary or * SecretString must have a value, but not both. They cannot both be * empty.

If you create this secret by using the Secrets Manager console * then Secrets Manager puts the protected secret text in only the * SecretString parameter. The Secrets Manager console stores the * information as a JSON structure of key/value pairs that the default Lambda * rotation function knows how to parse.

For storing multiple values, we * recommend that you use a JSON text string argument and specify key/value pairs. * For information on how to format a JSON parameter for the various command line * tool environments, see Using * JSON for Parameters in the AWS CLI User Guide. For example:

* [{"username":"bob"},{"password":"abc123xyz456"}]

If your * command-line tool or SDK requires quotation marks around the parameter, you * should use single quotes to avoid confusion with the double quotes required in * the JSON text. You can also 'escape' the double quote character in the embedded * JSON text by prefacing each with a backslash. For example, the following string * is surrounded by double-quotes. All of the embedded double quotes are * escaped:

* "[{\"username\":\"bob\"},{\"password\":\"abc123xyz456\"}]"

*/ inline UpdateSecretRequest& WithSecretString(Aws::String&& value) { SetSecretString(std::move(value)); return *this;} /** *

(Optional) Specifies updated text data that you want to encrypt and store in * this new version of the secret. Either SecretBinary or * SecretString must have a value, but not both. They cannot both be * empty.

If you create this secret by using the Secrets Manager console * then Secrets Manager puts the protected secret text in only the * SecretString parameter. The Secrets Manager console stores the * information as a JSON structure of key/value pairs that the default Lambda * rotation function knows how to parse.

For storing multiple values, we * recommend that you use a JSON text string argument and specify key/value pairs. * For information on how to format a JSON parameter for the various command line * tool environments, see Using * JSON for Parameters in the AWS CLI User Guide. For example:

* [{"username":"bob"},{"password":"abc123xyz456"}]

If your * command-line tool or SDK requires quotation marks around the parameter, you * should use single quotes to avoid confusion with the double quotes required in * the JSON text. You can also 'escape' the double quote character in the embedded * JSON text by prefacing each with a backslash. For example, the following string * is surrounded by double-quotes. All of the embedded double quotes are * escaped:

* "[{\"username\":\"bob\"},{\"password\":\"abc123xyz456\"}]"

*/ inline UpdateSecretRequest& WithSecretString(const char* value) { SetSecretString(value); return *this;} private: Aws::String m_secretId; bool m_secretIdHasBeenSet; Aws::String m_clientRequestToken; bool m_clientRequestTokenHasBeenSet; Aws::String m_description; bool m_descriptionHasBeenSet; Aws::String m_kmsKeyId; bool m_kmsKeyIdHasBeenSet; Aws::Utils::CryptoBuffer m_secretBinary; bool m_secretBinaryHasBeenSet; Aws::String m_secretString; bool m_secretStringHasBeenSet; }; } // namespace Model } // namespace SecretsManager } // namespace Aws