docs(client-secrets-manager): Doc only update for Secrets Manager

aws · Jul 18, 2024 · 3f9a4c4 · 3f9a4c4
1 parent e17e8ba
commit 3f9a4c4
Show file tree

Hide file tree

Showing 6 changed files with 29 additions and 20 deletions.
diff --git a/clients/client-secrets-manager/src/auth/httpAuthSchemeProvider.ts b/clients/client-secrets-manager/src/auth/httpAuthSchemeProvider.ts
@@ -60,7 +60,7 @@ function createAwsAuthSigv4HttpAuthOption(authParameters: SecretsManagerHttpAuth
       name: "secretsmanager",
       region: authParameters.region,
     },
-    propertiesExtractor: (config: SecretsManagerClientConfig, context) => ({
+    propertiesExtractor: (config: Partial<SecretsManagerClientConfig>, context) => ({
       /**
        * @internal
        */

diff --git a/clients/client-secrets-manager/src/commands/CreateSecretCommand.ts b/clients/client-secrets-manager/src/commands/CreateSecretCommand.ts
@@ -64,6 +64,9 @@ export interface CreateSecretCommandOutput extends CreateSecretResponse, __Metad
  *       IAM policy actions for Secrets Manager</a> and <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html">Authentication
  *       and access control in Secrets Manager</a>. </p>
  *          <p>To encrypt the secret with a KMS key other than <code>aws/secretsmanager</code>, you need <code>kms:GenerateDataKey</code> and <code>kms:Decrypt</code> permission to the key. </p>
+ *          <important>
+ *             <p>When you enter commands in a command shell, there is a risk of the command history being accessed or utilities having access to your command parameters. This is a concern if the command includes the value of a secret. Learn how to <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/security_cli-exposure-risks.html">Mitigate the risks of using command-line tools to store Secrets Manager secrets</a>.</p>
+ *          </important>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

diff --git a/clients/client-secrets-manager/src/commands/PutSecretValueCommand.ts b/clients/client-secrets-manager/src/commands/PutSecretValueCommand.ts
@@ -60,6 +60,9 @@ export interface PutSecretValueCommandOutput extends PutSecretValueResponse, __M
  *       For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions">
  *       IAM policy actions for Secrets Manager</a> and <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html">Authentication
  *       and access control in Secrets Manager</a>. </p>
+ *          <important>
+ *             <p>When you enter commands in a command shell, there is a risk of the command history being accessed or utilities having access to your command parameters. This is a concern if the command includes the value of a secret. Learn how to <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/security_cli-exposure-risks.html">Mitigate the risks of using command-line tools to store Secrets Manager secrets</a>.</p>
+ *          </important>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

diff --git a/clients/client-secrets-manager/src/commands/UpdateSecretCommand.ts b/clients/client-secrets-manager/src/commands/UpdateSecretCommand.ts
@@ -53,8 +53,11 @@ export interface UpdateSecretCommandOutput extends UpdateSecretResponse, __Metad
  *       IAM policy actions for Secrets Manager</a> and <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html">Authentication
  *       and access control in Secrets Manager</a>.
  *       If you use a customer managed key, you must also have <code>kms:GenerateDataKey</code>, <code>kms:Encrypt</code>, and
- *       <code>kms:Decrypt</code> permissions on the key. If you change the KMS key and you don't have <code>kms:Encrypt</code> permission to the new key, Secrets Manager does not re-ecrypt existing secret versions with the new key. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/security-encryption.html">
+ *       <code>kms:Decrypt</code> permissions on the key. If you change the KMS key and you don't have <code>kms:Encrypt</code> permission to the new key, Secrets Manager does not re-encrypt existing secret versions with the new key. For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/security-encryption.html">
  *         Secret encryption and decryption</a>.</p>
+ *          <important>
+ *             <p>When you enter commands in a command shell, there is a risk of the command history being accessed or utilities having access to your command parameters. This is a concern if the command includes the value of a secret. Learn how to <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/security_cli-exposure-risks.html">Mitigate the risks of using command-line tools to store Secrets Manager secrets</a>.</p>
+ *          </important>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

diff --git a/clients/client-secrets-manager/src/models/models_0.ts b/clients/client-secrets-manager/src/models/models_0.ts
@@ -2095,7 +2095,7 @@ export interface UpdateSecretRequest {
   /**
    * <p>The ARN, key ID, or alias of the KMS key that Secrets Manager
    *       uses to encrypt new secret versions as well as any existing versions with the staging labels
-   *       <code>AWSCURRENT</code>, <code>AWSPENDING</code>, or <code>AWSPREVIOUS</code>. If you don't have <code>kms:Encrypt</code> permission to the new key, Secrets Manager does not re-ecrypt existing secret versions with the new key. For more information about versions and staging labels, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version">Concepts: Version</a>.</p>
+   *       <code>AWSCURRENT</code>, <code>AWSPENDING</code>, or <code>AWSPREVIOUS</code>. If you don't have <code>kms:Encrypt</code> permission to the new key, Secrets Manager does not re-encrypt existing secret versions with the new key. For more information about versions and staging labels, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version">Concepts: Version</a>.</p>
    *          <p>A key alias is always prefixed by <code>alias/</code>, for example <code>alias/aws/secretsmanager</code>.
    *           For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html">About aliases</a>.</p>
    *          <p>If you set this to an empty string, Secrets Manager uses the Amazon Web Services managed key