Skip to main content

aws_lite_rs/types/
secretsmanager.rs

1//! Types for the AWS Secrets Manager API (v1).
2//!
3//! Auto-generated from the AWS Botocore Model.
4//! **Do not edit manually** — modify the manifest and re-run codegen.
5
6use serde::{Deserialize, Serialize};
7
8///
9/// **AWS API**: `secretsmanager.v1.ListSecretsRequest`
10///
11/// ## Coverage
12/// 4 of 6 fields included.
13/// Omitted fields:
14/// - `IncludePlannedDeletion` — not selected in manifest
15/// - `Filters` — not selected in manifest
16#[derive(Debug, Clone, Default, Serialize, Deserialize)]
17#[serde(rename_all = "PascalCase")]
18pub struct ListSecretsRequest {
19    /// The number of results to include in the response. If there are more results available,
20    /// in the response, Secrets Manager includes NextToken. To get the next results, call
21    /// ListSecrets again with the value from NextToken.
22    #[serde(skip_serializing_if = "Option::is_none")]
23    pub max_results: Option<i32>,
24
25    /// A token that indicates where the output should continue from, if a previous call did not
26    /// show all results. To get the next results, call ListSecrets again with this value.
27    #[serde(skip_serializing_if = "Option::is_none")]
28    pub next_token: Option<String>,
29
30    /// Secrets are listed by CreatedDate.
31    #[serde(skip_serializing_if = "Option::is_none")]
32    pub sort_order: Option<String>,
33
34    /// If not specified, secrets are listed by CreatedDate.
35    #[serde(skip_serializing_if = "Option::is_none")]
36    pub sort_by: Option<String>,
37}
38
39impl ListSecretsRequest {
40    #[cfg(any(test, feature = "test-support"))]
41    /// Create a fixture instance for testing.
42    pub fn fixture() -> Self {
43        Self {
44            max_results: Some(100),
45            next_token: Some("test-next_token".into()),
46            sort_order: Some("test-sort_order".into()),
47            sort_by: Some("test-sort_by".into()),
48        }
49    }
50}
51
52///
53/// **AWS API**: `secretsmanager.v1.ListSecretsResponse`
54#[derive(Debug, Clone, Default, Serialize, Deserialize)]
55#[serde(rename_all = "PascalCase")]
56pub struct ListSecretsResponse {
57    /// A list of the secrets in the account.
58    #[serde(default)]
59    #[serde(skip_serializing_if = "Vec::is_empty")]
60    pub secret_list: Vec<SecretListEntry>,
61
62    /// Secrets Manager includes this value if there's more output available than what is
63    /// included in the current response. This can occur even when the response includes no
64    /// values at all, such as when you ask for a filtered view of a long list. To get the next
65    /// results, call ListSecrets again with this value.
66    #[serde(skip_serializing_if = "Option::is_none")]
67    pub next_token: Option<String>,
68}
69
70impl ListSecretsResponse {
71    #[cfg(any(test, feature = "test-support"))]
72    /// Create a fixture instance for testing.
73    pub fn fixture() -> Self {
74        Self {
75            secret_list: vec![],
76            next_token: Some("test-next_token".into()),
77        }
78    }
79}
80
81/// A structure that contains the details about a secret. It does not include the encrypted
82/// SecretString and SecretBinary values. To get those values, use GetSecretValue .
83///
84/// **AWS API**: `secretsmanager.v1.SecretListEntry`
85///
86/// ## Coverage
87/// 10 of 20 fields included.
88/// Omitted fields:
89/// - `Type` — not selected in manifest
90/// - `KmsKeyId` — not selected in manifest
91/// - `RotationLambdaARN` — not selected in manifest
92/// - `ExternalSecretRotationMetadata` — not selected in manifest
93/// - `ExternalSecretRotationRoleArn` — not selected in manifest
94/// - `NextRotationDate` — not selected in manifest
95/// - `Tags` — not selected in manifest
96/// - `SecretVersionsToStages` — not selected in manifest
97/// - `OwningService` — not selected in manifest
98/// - `PrimaryRegion` — not selected in manifest
99#[derive(Debug, Clone, Default, Serialize, Deserialize)]
100#[serde(rename_all = "PascalCase")]
101pub struct SecretListEntry {
102    /// The Amazon Resource Name (ARN) of the secret.
103    #[serde(rename = "ARN")]
104    #[serde(skip_serializing_if = "Option::is_none")]
105    pub arn: Option<String>,
106
107    /// The friendly name of the secret.
108    #[serde(skip_serializing_if = "Option::is_none")]
109    pub name: Option<String>,
110
111    /// The user-provided description of the secret.
112    #[serde(skip_serializing_if = "Option::is_none")]
113    pub description: Option<String>,
114
115    /// Indicates whether automatic, scheduled rotation is enabled for this secret.
116    #[serde(skip_serializing_if = "Option::is_none")]
117    pub rotation_enabled: Option<bool>,
118
119    /// A structure that defines the rotation configuration for the secret.
120    #[serde(skip_serializing_if = "Option::is_none")]
121    pub rotation_rules: Option<RotationRulesType>,
122
123    /// The most recent date and time that the Secrets Manager rotation process was successfully
124    /// completed. This value is null if the secret hasn't ever rotated.
125    #[serde(skip_serializing_if = "Option::is_none")]
126    pub last_rotated_date: Option<f64>,
127
128    /// The last date and time that this secret was modified in any way.
129    #[serde(skip_serializing_if = "Option::is_none")]
130    pub last_changed_date: Option<f64>,
131
132    /// The date that the secret was last accessed in the Region. This field is omitted if the
133    /// secret has never been retrieved in the Region.
134    #[serde(skip_serializing_if = "Option::is_none")]
135    pub last_accessed_date: Option<f64>,
136
137    /// The date and time when a secret was created.
138    #[serde(skip_serializing_if = "Option::is_none")]
139    pub created_date: Option<f64>,
140
141    /// The date and time the deletion of the secret occurred. Not present on active secrets.
142    /// The secret can be recovered until the number of days in the recovery window has passed,
143    /// as specified in the RecoveryWindowInDays parameter of the DeleteSecret operation.
144    #[serde(skip_serializing_if = "Option::is_none")]
145    pub deleted_date: Option<f64>,
146}
147
148impl SecretListEntry {
149    #[cfg(any(test, feature = "test-support"))]
150    /// Create a fixture instance for testing.
151    pub fn fixture() -> Self {
152        Self {
153            arn: Some("test-arn".into()),
154            name: Some("test-name".into()),
155            description: Some("test-description".into()),
156            rotation_enabled: Some(false),
157            rotation_rules: Some(RotationRulesType::fixture()),
158            ..Default::default()
159        }
160    }
161}
162
163/// A structure that defines the rotation configuration for the secret.
164///
165/// **AWS API**: `secretsmanager.v1.RotationRulesType`
166///
167/// ## Coverage
168/// 2 of 3 fields included.
169/// Omitted fields:
170/// - `Duration` — not selected in manifest
171#[derive(Debug, Clone, Default, Serialize, Deserialize)]
172#[serde(rename_all = "PascalCase")]
173pub struct RotationRulesType {
174    /// The number of days between rotations of the secret. You can use this value to check that
175    /// your secret meets your compliance guidelines for how often secrets must be rotated. If
176    /// you use this field to set the rotation schedule, Secrets Manager calculates the next
177    /// rotation date based on the previous rotation. Manually updating the secret value by
178    /// calling PutSecretValue or UpdateSecret is considered a valid rotation. In DescribeSecret
179    /// and ListSecrets, this value is calculated from the rotation schedule after every
180    /// successful rotation. In RotateSecret, you can set the rotation schedule in RotationRules
181    /// with AutomaticallyAfterDays or ScheduleExpression, but not both. To set a rotation
182    /// schedule in hours, use ScheduleExpression.
183    #[serde(skip_serializing_if = "Option::is_none")]
184    pub automatically_after_days: Option<i64>,
185
186    /// A cron() or rate() expression that defines the schedule for rotating your secret.
187    /// Secrets Manager rotation schedules use UTC time zone. Secrets Manager rotates your
188    /// secret any time during a rotation window. Secrets Manager rate() expressions represent
189    /// the interval in hours or days that you want to rotate your secret, for example rate(12
190    /// hours) or rate(10 days). You can rotate a secret as often as every four hours. If you
191    /// use a rate() expression, the rotation window starts at midnight. For a rate in hours,
192    /// the default rotation window closes after one hour. For a rate in days, the default
193    /// rotation window closes at the end of the day. You can set the Duration to change the
194    /// rotation window. The rotation window must not extend into the next UTC day or into the
195    /// next rotation window. You can use a cron() expression to create a rotation schedule that
196    /// is more detailed than a rotation interval. For more information, including examples, see
197    /// Schedule expressions in Secrets Manager rotation in the Secrets Manager Users Guide. For
198    /// a cron expression that represents a schedule in hours, the default rotation window
199    /// closes after one hour. For a cron expression that represents a schedule in days, the
200    /// default rotation window closes at the end of the day. You can set the Duration to change
201    /// the rotation window. The rotation window must not extend into the next UTC day or into
202    /// the next rotation window.
203    #[serde(skip_serializing_if = "Option::is_none")]
204    pub schedule_expression: Option<String>,
205}
206
207impl RotationRulesType {
208    #[cfg(any(test, feature = "test-support"))]
209    /// Create a fixture instance for testing.
210    pub fn fixture() -> Self {
211        Self {
212            automatically_after_days: Some(100),
213            schedule_expression: Some("test-schedule_expression".into()),
214        }
215    }
216}
217
218///
219/// **AWS API**: `secretsmanager.v1.DeleteSecretRequest`
220#[derive(Debug, Clone, Default, Serialize, Deserialize)]
221#[serde(rename_all = "PascalCase")]
222pub struct DeleteSecretRequest {
223    /// The ARN or name of the secret to delete. For an ARN, we recommend that you specify a
224    /// complete ARN rather than a partial ARN. See Finding a secret from a partial ARN.
225    pub secret_id: String,
226
227    /// The number of days from 7 to 30 that Secrets Manager waits before permanently deleting
228    /// the secret. You can't use both this parameter and ForceDeleteWithoutRecovery in the same
229    /// call. If you don't use either, then by default Secrets Manager uses a 30 day recovery
230    /// window.
231    #[serde(skip_serializing_if = "Option::is_none")]
232    pub recovery_window_in_days: Option<i64>,
233
234    /// Specifies whether to delete the secret without any recovery window. You can't use both
235    /// this parameter and RecoveryWindowInDays in the same call. If you don't use either, then
236    /// by default Secrets Manager uses a 30 day recovery window. Secrets Manager performs the
237    /// actual deletion with an asynchronous background process, so there might be a short delay
238    /// before the secret is permanently deleted. If you delete a secret and then immediately
239    /// create a secret with the same name, use appropriate back off and retry logic. If you
240    /// forcibly delete an already deleted or nonexistent secret, the operation does not return
241    /// ResourceNotFoundException. Use this parameter with caution. This parameter causes the
242    /// operation to skip the normal recovery window before the permanent deletion that Secrets
243    /// Manager would normally impose with the RecoveryWindowInDays parameter. If you delete a
244    /// secret with the ForceDeleteWithoutRecovery parameter, then you have no opportunity to
245    /// recover the secret. You lose the secret permanently.
246    #[serde(skip_serializing_if = "Option::is_none")]
247    pub force_delete_without_recovery: Option<bool>,
248}
249
250impl DeleteSecretRequest {
251    #[cfg(any(test, feature = "test-support"))]
252    /// Create a fixture instance for testing.
253    pub fn fixture() -> Self {
254        Self {
255            secret_id: "test-secret_id".into(),
256            recovery_window_in_days: Some(100),
257            force_delete_without_recovery: Some(false),
258        }
259    }
260}
261
262///
263/// **AWS API**: `secretsmanager.v1.DeleteSecretResponse`
264#[derive(Debug, Clone, Default, Serialize, Deserialize)]
265#[serde(rename_all = "PascalCase")]
266pub struct DeleteSecretResponse {
267    /// The ARN of the secret.
268    #[serde(rename = "ARN")]
269    #[serde(skip_serializing_if = "Option::is_none")]
270    pub arn: Option<String>,
271
272    /// The name of the secret.
273    #[serde(skip_serializing_if = "Option::is_none")]
274    pub name: Option<String>,
275
276    /// The date and time after which this secret Secrets Manager can permanently delete this
277    /// secret, and it can no longer be restored. This value is the date and time of the delete
278    /// request plus the number of days in RecoveryWindowInDays.
279    #[serde(skip_serializing_if = "Option::is_none")]
280    pub deletion_date: Option<f64>,
281}
282
283impl DeleteSecretResponse {
284    #[cfg(any(test, feature = "test-support"))]
285    /// Create a fixture instance for testing.
286    pub fn fixture() -> Self {
287        Self {
288            arn: Some("test-arn".into()),
289            name: Some("test-name".into()),
290            ..Default::default()
291        }
292    }
293}
294
295///
296/// **AWS API**: `secretsmanager.v1.RotateSecretRequest`
297///
298/// ## Coverage
299/// 4 of 7 fields included.
300/// Omitted fields:
301/// - `ClientRequestToken` — not selected in manifest
302/// - `ExternalSecretRotationMetadata` — not selected in manifest
303/// - `ExternalSecretRotationRoleArn` — not selected in manifest
304#[derive(Debug, Clone, Default, Serialize, Deserialize)]
305#[serde(rename_all = "PascalCase")]
306pub struct RotateSecretRequest {
307    /// The ARN or name of the secret to rotate. For an ARN, we recommend that you specify a
308    /// complete ARN rather than a partial ARN. See Finding a secret from a partial ARN.
309    pub secret_id: String,
310
311    /// For secrets that use a Lambda rotation function to rotate, the ARN of the Lambda
312    /// rotation function. For secrets that use managed rotation, omit this field. For more
313    /// information, see Managed rotation in the Secrets Manager User Guide.
314    #[serde(rename = "RotationLambdaARN")]
315    #[serde(skip_serializing_if = "Option::is_none")]
316    pub rotation_lambda_arn: Option<String>,
317
318    /// A structure that defines the rotation configuration for this secret. When changing an
319    /// existing rotation schedule and setting RotateImmediately to false: If using
320    /// AutomaticallyAfterDays or a ScheduleExpression with rate(), the previously scheduled
321    /// rotation might still occur. To prevent unintended rotations, use a ScheduleExpression
322    /// with cron() for granular control over rotation windows.
323    #[serde(skip_serializing_if = "Option::is_none")]
324    pub rotation_rules: Option<RotationRulesType>,
325
326    /// Specifies whether to rotate the secret immediately or wait until the next scheduled
327    /// rotation window. The rotation schedule is defined in RotateSecretRequest$RotationRules.
328    /// The default for RotateImmediately is true. If you don't specify this value, Secrets
329    /// Manager rotates the secret immediately. If you set RotateImmediately to false, Secrets
330    /// Manager tests the rotation configuration by running the testSecret step of the Lambda
331    /// rotation function. This test creates an AWSPENDING version of the secret and then
332    /// removes it. When changing an existing rotation schedule and setting RotateImmediately to
333    /// false: If using AutomaticallyAfterDays or a ScheduleExpression with rate(), the
334    /// previously scheduled rotation might still occur. To prevent unintended rotations, use a
335    /// ScheduleExpression with cron() for granular control over rotation windows. Rotation is
336    /// an asynchronous process. For more information, see How rotation works.
337    #[serde(skip_serializing_if = "Option::is_none")]
338    pub rotate_immediately: Option<bool>,
339}
340
341impl RotateSecretRequest {
342    #[cfg(any(test, feature = "test-support"))]
343    /// Create a fixture instance for testing.
344    pub fn fixture() -> Self {
345        Self {
346            secret_id: "test-secret_id".into(),
347            rotation_lambda_arn: Some("test-rotation_lambda_arn".into()),
348            rotation_rules: Some(RotationRulesType::fixture()),
349            rotate_immediately: Some(false),
350        }
351    }
352}
353
354///
355/// **AWS API**: `secretsmanager.v1.RotateSecretResponse`
356#[derive(Debug, Clone, Default, Serialize, Deserialize)]
357#[serde(rename_all = "PascalCase")]
358pub struct RotateSecretResponse {
359    /// The ARN of the secret.
360    #[serde(rename = "ARN")]
361    #[serde(skip_serializing_if = "Option::is_none")]
362    pub arn: Option<String>,
363
364    /// The name of the secret.
365    #[serde(skip_serializing_if = "Option::is_none")]
366    pub name: Option<String>,
367
368    /// The ID of the new version of the secret.
369    #[serde(skip_serializing_if = "Option::is_none")]
370    pub version_id: Option<String>,
371}
372
373impl RotateSecretResponse {
374    #[cfg(any(test, feature = "test-support"))]
375    /// Create a fixture instance for testing.
376    pub fn fixture() -> Self {
377        Self {
378            arn: Some("test-arn".into()),
379            name: Some("test-name".into()),
380            version_id: Some("test-version_id".into()),
381        }
382    }
383}