@Generated(value="com.amazonaws:aws-java-sdk-code-generator") public class UpdateSecretRequest extends AmazonWebServiceRequest implements Serializable, Cloneable
NOOP
Constructor and Description |
---|
UpdateSecretRequest() |
Modifier and Type | Method and Description |
---|---|
UpdateSecretRequest |
clone()
Creates a shallow clone of this object for all fields except the handler context.
|
boolean |
equals(Object obj) |
String |
getClientRequestToken()
If you include
SecretString or SecretBinary , then Secrets Manager creates a new version
for the secret, and this parameter specifies the unique identifier for the new version. |
String |
getDescription()
The description of the secret.
|
String |
getKmsKeyId()
The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt new secret versions as well as any
existing versions with the staging labels
AWSCURRENT , AWSPENDING , or
AWSPREVIOUS . |
ByteBuffer |
getSecretBinary()
The binary data to encrypt and store in the new version of the secret.
|
String |
getSecretId()
The ARN or name of the secret.
|
String |
getSecretString()
The text data to encrypt and store in the new version of the secret.
|
int |
hashCode() |
void |
setClientRequestToken(String clientRequestToken)
If you include
SecretString or SecretBinary , then Secrets Manager creates a new version
for the secret, and this parameter specifies the unique identifier for the new version. |
void |
setDescription(String description)
The description of the secret.
|
void |
setKmsKeyId(String kmsKeyId)
The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt new secret versions as well as any
existing versions with the staging labels
AWSCURRENT , AWSPENDING , or
AWSPREVIOUS . |
void |
setSecretBinary(ByteBuffer secretBinary)
The binary data to encrypt and store in the new version of the secret.
|
void |
setSecretId(String secretId)
The ARN or name of the secret.
|
void |
setSecretString(String secretString)
The text data to encrypt and store in the new version of the secret.
|
String |
toString()
Returns a string representation of this object.
|
UpdateSecretRequest |
withClientRequestToken(String clientRequestToken)
If you include
SecretString or SecretBinary , then Secrets Manager creates a new version
for the secret, and this parameter specifies the unique identifier for the new version. |
UpdateSecretRequest |
withDescription(String description)
The description of the secret.
|
UpdateSecretRequest |
withKmsKeyId(String kmsKeyId)
The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt new secret versions as well as any
existing versions with the staging labels
AWSCURRENT , AWSPENDING , or
AWSPREVIOUS . |
UpdateSecretRequest |
withSecretBinary(ByteBuffer secretBinary)
The binary data to encrypt and store in the new version of the secret.
|
UpdateSecretRequest |
withSecretId(String secretId)
The ARN or name of the secret.
|
UpdateSecretRequest |
withSecretString(String secretString)
The text data to encrypt and store in the new version of the secret.
|
addHandlerContext, getCloneRoot, getCloneSource, getCustomQueryParameters, getCustomRequestHeaders, getGeneralProgressListener, getHandlerContext, getReadLimit, getRequestClientOptions, getRequestCredentials, getRequestCredentialsProvider, getRequestMetricCollector, getSdkClientExecutionTimeout, getSdkRequestTimeout, putCustomQueryParameter, putCustomRequestHeader, setGeneralProgressListener, setRequestCredentials, setRequestCredentialsProvider, setRequestMetricCollector, setSdkClientExecutionTimeout, setSdkRequestTimeout, withGeneralProgressListener, withRequestCredentialsProvider, withRequestMetricCollector, withSdkClientExecutionTimeout, withSdkRequestTimeout
public void setSecretId(String secretId)
The ARN or name of the secret.
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN. See Finding a secret from a partial ARN.
secretId
- The ARN or name of the secret.
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN. See Finding a secret from a partial ARN.
public String getSecretId()
The ARN or name of the secret.
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN. See Finding a secret from a partial ARN.
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN. See Finding a secret from a partial ARN.
public UpdateSecretRequest withSecretId(String secretId)
The ARN or name of the secret.
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN. See Finding a secret from a partial ARN.
secretId
- The ARN or name of the secret.
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN. See Finding a secret from a partial ARN.
public void setClientRequestToken(String clientRequestToken)
If you include SecretString
or SecretBinary
, then Secrets Manager creates a new version
for the secret, and this parameter specifies the unique identifier for the new version.
If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes it as the value for this parameter in the request.
If you generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a
ClientRequestToken
and include it in the request.
This value helps ensure idempotency. Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during a rotation. We recommend that you generate a UUID-type value to ensure uniqueness of your versions within the specified secret.
clientRequestToken
- If you include SecretString
or SecretBinary
, then Secrets Manager creates a new
version for the secret, and this parameter specifies the unique identifier for the new version. If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes it as the value for this parameter in the request.
If you generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a
ClientRequestToken
and include it in the request.
This value helps ensure idempotency. Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during a rotation. We recommend that you generate a UUID-type value to ensure uniqueness of your versions within the specified secret.
public String getClientRequestToken()
If you include SecretString
or SecretBinary
, then Secrets Manager creates a new version
for the secret, and this parameter specifies the unique identifier for the new version.
If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes it as the value for this parameter in the request.
If you generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a
ClientRequestToken
and include it in the request.
This value helps ensure idempotency. Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during a rotation. We recommend that you generate a UUID-type value to ensure uniqueness of your versions within the specified secret.
SecretString
or SecretBinary
, then Secrets Manager creates a new
version for the secret, and this parameter specifies the unique identifier for the new version.
If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes it as the value for this parameter in the request.
If you generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a
ClientRequestToken
and include it in the request.
This value helps ensure idempotency. Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during a rotation. We recommend that you generate a UUID-type value to ensure uniqueness of your versions within the specified secret.
public UpdateSecretRequest withClientRequestToken(String clientRequestToken)
If you include SecretString
or SecretBinary
, then Secrets Manager creates a new version
for the secret, and this parameter specifies the unique identifier for the new version.
If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes it as the value for this parameter in the request.
If you generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a
ClientRequestToken
and include it in the request.
This value helps ensure idempotency. Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during a rotation. We recommend that you generate a UUID-type value to ensure uniqueness of your versions within the specified secret.
clientRequestToken
- If you include SecretString
or SecretBinary
, then Secrets Manager creates a new
version for the secret, and this parameter specifies the unique identifier for the new version. If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs to call this operation, then you can leave this parameter empty. The CLI or SDK generates a random UUID for you and includes it as the value for this parameter in the request.
If you generate a raw HTTP request to the Secrets Manager service endpoint, then you must generate a
ClientRequestToken
and include it in the request.
This value helps ensure idempotency. Secrets Manager uses this value to prevent the accidental creation of duplicate versions if there are failures and retries during a rotation. We recommend that you generate a UUID-type value to ensure uniqueness of your versions within the specified secret.
public void setDescription(String description)
The description of the secret.
description
- The description of the secret.public String getDescription()
The description of the secret.
public UpdateSecretRequest withDescription(String description)
The description of the secret.
description
- The description of the secret.public void setKmsKeyId(String kmsKeyId)
The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt new secret versions as well as any
existing versions with the staging labels AWSCURRENT
, AWSPENDING
, or
AWSPREVIOUS
. If you don't have kms:Encrypt
permission to the new key, Secrets Manager
does not re-encrypt existing secret versions with the new key. For more information about versions and staging
labels, see Concepts:
Version.
A key alias is always prefixed by alias/
, for example alias/aws/secretsmanager
. For
more information, see About
aliases.
If you set this to an empty string, Secrets Manager uses the Amazon Web Services managed key
aws/secretsmanager
. If this key doesn't already exist in your account, then Secrets Manager creates
it for you automatically. All users and roles in the Amazon Web Services account automatically have access to use
aws/secretsmanager
. Creating aws/secretsmanager
can result in a one-time significant
delay in returning the result.
You can only use the Amazon Web Services managed key aws/secretsmanager
if you call this operation
using credentials from the same Amazon Web Services account that owns the secret. If the secret is in a different
account, then you must use a customer managed key and provide the ARN of that KMS key in this field. The user
making the call must have permissions to both the secret and the KMS key in their respective accounts.
kmsKeyId
- The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt new secret versions as well
as any existing versions with the staging labels AWSCURRENT
, AWSPENDING
, or
AWSPREVIOUS
. If you don't have kms:Encrypt
permission to the new key, Secrets
Manager does not re-encrypt existing secret versions with the new key. For more information about versions
and staging labels, see Concepts: Version.
A key alias is always prefixed by alias/
, for example alias/aws/secretsmanager
.
For more information, see About aliases.
If you set this to an empty string, Secrets Manager uses the Amazon Web Services managed key
aws/secretsmanager
. If this key doesn't already exist in your account, then Secrets Manager
creates it for you automatically. All users and roles in the Amazon Web Services account automatically
have access to use aws/secretsmanager
. Creating aws/secretsmanager
can result in
a one-time significant delay in returning the result.
You can only use the Amazon Web Services managed key aws/secretsmanager
if you call this
operation using credentials from the same Amazon Web Services account that owns the secret. If the secret
is in a different account, then you must use a customer managed key and provide the ARN of that KMS key in
this field. The user making the call must have permissions to both the secret and the KMS key in their
respective accounts.
public String getKmsKeyId()
The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt new secret versions as well as any
existing versions with the staging labels AWSCURRENT
, AWSPENDING
, or
AWSPREVIOUS
. If you don't have kms:Encrypt
permission to the new key, Secrets Manager
does not re-encrypt existing secret versions with the new key. For more information about versions and staging
labels, see Concepts:
Version.
A key alias is always prefixed by alias/
, for example alias/aws/secretsmanager
. For
more information, see About
aliases.
If you set this to an empty string, Secrets Manager uses the Amazon Web Services managed key
aws/secretsmanager
. If this key doesn't already exist in your account, then Secrets Manager creates
it for you automatically. All users and roles in the Amazon Web Services account automatically have access to use
aws/secretsmanager
. Creating aws/secretsmanager
can result in a one-time significant
delay in returning the result.
You can only use the Amazon Web Services managed key aws/secretsmanager
if you call this operation
using credentials from the same Amazon Web Services account that owns the secret. If the secret is in a different
account, then you must use a customer managed key and provide the ARN of that KMS key in this field. The user
making the call must have permissions to both the secret and the KMS key in their respective accounts.
AWSCURRENT
, AWSPENDING
, or
AWSPREVIOUS
. If you don't have kms:Encrypt
permission to the new key, Secrets
Manager does not re-encrypt existing secret versions with the new key. For more information about
versions and staging labels, see Concepts: Version.
A key alias is always prefixed by alias/
, for example alias/aws/secretsmanager
.
For more information, see About aliases.
If you set this to an empty string, Secrets Manager uses the Amazon Web Services managed key
aws/secretsmanager
. If this key doesn't already exist in your account, then Secrets Manager
creates it for you automatically. All users and roles in the Amazon Web Services account automatically
have access to use aws/secretsmanager
. Creating aws/secretsmanager
can result
in a one-time significant delay in returning the result.
You can only use the Amazon Web Services managed key aws/secretsmanager
if you call this
operation using credentials from the same Amazon Web Services account that owns the secret. If the secret
is in a different account, then you must use a customer managed key and provide the ARN of that KMS key
in this field. The user making the call must have permissions to both the secret and the KMS key in their
respective accounts.
public UpdateSecretRequest withKmsKeyId(String kmsKeyId)
The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt new secret versions as well as any
existing versions with the staging labels AWSCURRENT
, AWSPENDING
, or
AWSPREVIOUS
. If you don't have kms:Encrypt
permission to the new key, Secrets Manager
does not re-encrypt existing secret versions with the new key. For more information about versions and staging
labels, see Concepts:
Version.
A key alias is always prefixed by alias/
, for example alias/aws/secretsmanager
. For
more information, see About
aliases.
If you set this to an empty string, Secrets Manager uses the Amazon Web Services managed key
aws/secretsmanager
. If this key doesn't already exist in your account, then Secrets Manager creates
it for you automatically. All users and roles in the Amazon Web Services account automatically have access to use
aws/secretsmanager
. Creating aws/secretsmanager
can result in a one-time significant
delay in returning the result.
You can only use the Amazon Web Services managed key aws/secretsmanager
if you call this operation
using credentials from the same Amazon Web Services account that owns the secret. If the secret is in a different
account, then you must use a customer managed key and provide the ARN of that KMS key in this field. The user
making the call must have permissions to both the secret and the KMS key in their respective accounts.
kmsKeyId
- The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt new secret versions as well
as any existing versions with the staging labels AWSCURRENT
, AWSPENDING
, or
AWSPREVIOUS
. If you don't have kms:Encrypt
permission to the new key, Secrets
Manager does not re-encrypt existing secret versions with the new key. For more information about versions
and staging labels, see Concepts: Version.
A key alias is always prefixed by alias/
, for example alias/aws/secretsmanager
.
For more information, see About aliases.
If you set this to an empty string, Secrets Manager uses the Amazon Web Services managed key
aws/secretsmanager
. If this key doesn't already exist in your account, then Secrets Manager
creates it for you automatically. All users and roles in the Amazon Web Services account automatically
have access to use aws/secretsmanager
. Creating aws/secretsmanager
can result in
a one-time significant delay in returning the result.
You can only use the Amazon Web Services managed key aws/secretsmanager
if you call this
operation using credentials from the same Amazon Web Services account that owns the secret. If the secret
is in a different account, then you must use a customer managed key and provide the ARN of that KMS key in
this field. The user making the call must have permissions to both the secret and the KMS key in their
respective accounts.
public void setSecretBinary(ByteBuffer secretBinary)
The binary data to encrypt and store in the new version of the secret. We recommend that you store your binary data in a file and then pass the contents of the file as a parameter.
Either SecretBinary
or SecretString
must have a value, but not both.
You can't access this parameter in the Secrets Manager console.
Sensitive: This field contains sensitive information, so the service does not include it in CloudTrail log entries. If you create your own log entries, you must also avoid logging the information in this field.
The AWS SDK for Java performs a Base64 encoding on this field before sending this request to the AWS service. Users of the SDK should not perform Base64 encoding on this field.
Warning: ByteBuffers returned by the SDK are mutable. Changes to the content or position of the byte buffer will be seen by all objects that have a reference to this object. It is recommended to call ByteBuffer.duplicate() or ByteBuffer.asReadOnlyBuffer() before using or reading from the buffer. This behavior will be changed in a future major version of the SDK.
secretBinary
- The binary data to encrypt and store in the new version of the secret. We recommend that you store your
binary data in a file and then pass the contents of the file as a parameter.
Either SecretBinary
or SecretString
must have a value, but not both.
You can't access this parameter in the Secrets Manager console.
Sensitive: This field contains sensitive information, so the service does not include it in CloudTrail log entries. If you create your own log entries, you must also avoid logging the information in this field.
public ByteBuffer getSecretBinary()
The binary data to encrypt and store in the new version of the secret. We recommend that you store your binary data in a file and then pass the contents of the file as a parameter.
Either SecretBinary
or SecretString
must have a value, but not both.
You can't access this parameter in the Secrets Manager console.
Sensitive: This field contains sensitive information, so the service does not include it in CloudTrail log entries. If you create your own log entries, you must also avoid logging the information in this field.
ByteBuffer
s are stateful. Calling their get
methods changes their position
. We recommend
using ByteBuffer.asReadOnlyBuffer()
to create a read-only view of the buffer with an independent
position
, and calling get
methods on this rather than directly on the returned ByteBuffer
.
Doing so will ensure that anyone else using the ByteBuffer
will not be affected by changes to the
position
.
Either SecretBinary
or SecretString
must have a value, but not both.
You can't access this parameter in the Secrets Manager console.
Sensitive: This field contains sensitive information, so the service does not include it in CloudTrail log entries. If you create your own log entries, you must also avoid logging the information in this field.
public UpdateSecretRequest withSecretBinary(ByteBuffer secretBinary)
The binary data to encrypt and store in the new version of the secret. We recommend that you store your binary data in a file and then pass the contents of the file as a parameter.
Either SecretBinary
or SecretString
must have a value, but not both.
You can't access this parameter in the Secrets Manager console.
Sensitive: This field contains sensitive information, so the service does not include it in CloudTrail log entries. If you create your own log entries, you must also avoid logging the information in this field.
The AWS SDK for Java performs a Base64 encoding on this field before sending this request to the AWS service. Users of the SDK should not perform Base64 encoding on this field.
Warning: ByteBuffers returned by the SDK are mutable. Changes to the content or position of the byte buffer will be seen by all objects that have a reference to this object. It is recommended to call ByteBuffer.duplicate() or ByteBuffer.asReadOnlyBuffer() before using or reading from the buffer. This behavior will be changed in a future major version of the SDK.
secretBinary
- The binary data to encrypt and store in the new version of the secret. We recommend that you store your
binary data in a file and then pass the contents of the file as a parameter.
Either SecretBinary
or SecretString
must have a value, but not both.
You can't access this parameter in the Secrets Manager console.
Sensitive: This field contains sensitive information, so the service does not include it in CloudTrail log entries. If you create your own log entries, you must also avoid logging the information in this field.
public void setSecretString(String secretString)
The text data to encrypt and store in the new version of the secret. We recommend you use a JSON structure of key/value pairs for your secret value.
Either SecretBinary
or SecretString
must have a value, but not both.
Sensitive: This field contains sensitive information, so the service does not include it in CloudTrail log entries. If you create your own log entries, you must also avoid logging the information in this field.
secretString
- The text data to encrypt and store in the new version of the secret. We recommend you use a JSON structure
of key/value pairs for your secret value.
Either SecretBinary
or SecretString
must have a value, but not both.
Sensitive: This field contains sensitive information, so the service does not include it in CloudTrail log entries. If you create your own log entries, you must also avoid logging the information in this field.
public String getSecretString()
The text data to encrypt and store in the new version of the secret. We recommend you use a JSON structure of key/value pairs for your secret value.
Either SecretBinary
or SecretString
must have a value, but not both.
Sensitive: This field contains sensitive information, so the service does not include it in CloudTrail log entries. If you create your own log entries, you must also avoid logging the information in this field.
Either SecretBinary
or SecretString
must have a value, but not both.
Sensitive: This field contains sensitive information, so the service does not include it in CloudTrail log entries. If you create your own log entries, you must also avoid logging the information in this field.
public UpdateSecretRequest withSecretString(String secretString)
The text data to encrypt and store in the new version of the secret. We recommend you use a JSON structure of key/value pairs for your secret value.
Either SecretBinary
or SecretString
must have a value, but not both.
Sensitive: This field contains sensitive information, so the service does not include it in CloudTrail log entries. If you create your own log entries, you must also avoid logging the information in this field.
secretString
- The text data to encrypt and store in the new version of the secret. We recommend you use a JSON structure
of key/value pairs for your secret value.
Either SecretBinary
or SecretString
must have a value, but not both.
Sensitive: This field contains sensitive information, so the service does not include it in CloudTrail log entries. If you create your own log entries, you must also avoid logging the information in this field.
public String toString()
toString
in class Object
Object.toString()
public UpdateSecretRequest clone()
AmazonWebServiceRequest
clone
in class AmazonWebServiceRequest
Object.clone()