docs(client-secrets-manager): Doc only update for Secrets Manager

clients/client-secrets-manager/src/commands/CreateSecretCommand.ts

@@ -59,7 +59,7 @@ export interface CreateSecretCommandOutput extends CreateSecretResponse, __Metad
  *          <p>
  *             <b>Required permissions: </b>
  *             <code>secretsmanager:CreateSecret</code>. If you
- *       include tags in the secret, you also need <code>secretsmanager:TagResource</code>.
+ *       include tags in the secret, you also need <code>secretsmanager:TagResource</code>. To add replica Regions, you must also have <code>secretsmanager:ReplicateSecretToRegions</code>.
  *       For more information, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions">
  *       IAM policy actions for Secrets Manager</a> and <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html">Authentication
  *       and access control in Secrets Manager</a>. </p>

clients/client-secrets-manager/src/models/models_0.ts

@@ -1959,7 +1959,7 @@ export interface RotateSecretRequest {
    * <p>Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window.
    *     The rotation schedule is defined in <a>RotateSecretRequest$RotationRules</a>.</p>
    *          <p>For secrets that use a Lambda rotation function to rotate, if you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the
-   *     <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html">
+   *     <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_lambda-functions.html#rotate-secrets_lambda-functions-code">
    *                <code>testSecret</code>
    *       step</a> of the Lambda rotation function. The test creates an <code>AWSPENDING</code> version of the secret and then removes it.</p>
    *          <p>By default, Secrets Manager rotates the secret immediately.</p>

codegen/sdk-codegen/aws-models/secrets-manager.json

@@ -350,7 +350,7 @@
         }
       ],
       "traits": {
-        "smithy.api#documentation": "<p>Creates a new secret. A <i>secret</i> can be a password, a set of \n      credentials such as a user name and password, an OAuth token, or other secret information \n      that you store in an encrypted form in Secrets Manager. The secret also \n      includes the connection information to access a database or other service, which Secrets Manager \n      doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the\n      important information needed to manage the secret.</p>\n         <p>For secrets that use <i>managed rotation</i>, you need to create the secret through the managing service. For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html\">Secrets Manager secrets managed by other Amazon Web Services services</a>.\n\n    </p>\n         <p>For information about creating a secret in the console, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html\">Create a secret</a>.</p>\n         <p>To create a secret, you can provide the secret value to be encrypted in either the\n      <code>SecretString</code> parameter or the <code>SecretBinary</code> parameter, but not both. \n      If you include <code>SecretString</code> or <code>SecretBinary</code>\n      then Secrets Manager creates an initial secret version and automatically attaches the staging\n      label <code>AWSCURRENT</code> to it.</p>\n         <p>For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret,\n      you must make sure the JSON you store in the <code>SecretString</code> matches the <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html\">JSON structure of\n        a database secret</a>.</p>\n         <p>If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key \n      <code>aws/secretsmanager</code>. If this key \n      doesn't already exist in your account, then Secrets Manager creates it for you automatically. All\n      users and roles in the Amazon Web Services account automatically have access to use <code>aws/secretsmanager</code>. \n      Creating <code>aws/secretsmanager</code> can result in a one-time significant delay in returning the \n      result.</p>\n         <p>If the secret is in a different Amazon Web Services account from the credentials calling the API, then \n      you can't use <code>aws/secretsmanager</code> to encrypt the secret, and you must create \n      and use a customer managed KMS key. </p>\n         <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except <code>SecretBinary</code> or <code>SecretString</code> because it might be logged. For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html\">Logging Secrets Manager events with CloudTrail</a>.</p>\n         <p>\n            <b>Required permissions: </b>\n            <code>secretsmanager:CreateSecret</code>. If you \n      include tags in the secret, you also need <code>secretsmanager:TagResource</code>.\n      For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions\">\n      IAM policy actions for Secrets Manager</a> and <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html\">Authentication \n      and access control in Secrets Manager</a>. </p>\n         <p>To encrypt the secret with a KMS key other than <code>aws/secretsmanager</code>, you need <code>kms:GenerateDataKey</code> and <code>kms:Decrypt</code> permission to the key. </p>",
+        "smithy.api#documentation": "<p>Creates a new secret. A <i>secret</i> can be a password, a set of \n      credentials such as a user name and password, an OAuth token, or other secret information \n      that you store in an encrypted form in Secrets Manager. The secret also \n      includes the connection information to access a database or other service, which Secrets Manager \n      doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the\n      important information needed to manage the secret.</p>\n         <p>For secrets that use <i>managed rotation</i>, you need to create the secret through the managing service. For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html\">Secrets Manager secrets managed by other Amazon Web Services services</a>.\n\n    </p>\n         <p>For information about creating a secret in the console, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html\">Create a secret</a>.</p>\n         <p>To create a secret, you can provide the secret value to be encrypted in either the\n      <code>SecretString</code> parameter or the <code>SecretBinary</code> parameter, but not both. \n      If you include <code>SecretString</code> or <code>SecretBinary</code>\n      then Secrets Manager creates an initial secret version and automatically attaches the staging\n      label <code>AWSCURRENT</code> to it.</p>\n         <p>For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret,\n      you must make sure the JSON you store in the <code>SecretString</code> matches the <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html\">JSON structure of\n        a database secret</a>.</p>\n         <p>If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key \n      <code>aws/secretsmanager</code>. If this key \n      doesn't already exist in your account, then Secrets Manager creates it for you automatically. All\n      users and roles in the Amazon Web Services account automatically have access to use <code>aws/secretsmanager</code>. \n      Creating <code>aws/secretsmanager</code> can result in a one-time significant delay in returning the \n      result.</p>\n         <p>If the secret is in a different Amazon Web Services account from the credentials calling the API, then \n      you can't use <code>aws/secretsmanager</code> to encrypt the secret, and you must create \n      and use a customer managed KMS key. </p>\n         <p>Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except <code>SecretBinary</code> or <code>SecretString</code> because it might be logged. For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html\">Logging Secrets Manager events with CloudTrail</a>.</p>\n         <p>\n            <b>Required permissions: </b>\n            <code>secretsmanager:CreateSecret</code>. If you \n      include tags in the secret, you also need <code>secretsmanager:TagResource</code>. To add replica Regions, you must also have <code>secretsmanager:ReplicateSecretToRegions</code>.\n      For more information, see <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions\">\n      IAM policy actions for Secrets Manager</a> and <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html\">Authentication \n      and access control in Secrets Manager</a>. </p>\n         <p>To encrypt the secret with a KMS key other than <code>aws/secretsmanager</code>, you need <code>kms:GenerateDataKey</code> and <code>kms:Decrypt</code> permission to the key. </p>",
         "smithy.api#examples": [
           {
             "title": "To create a basic secret",
@@ -2442,7 +2442,7 @@
           "target": "com.amazonaws.secretsmanager#BooleanType",
           "traits": {
             "smithy.api#default": null,
-            "smithy.api#documentation": "<p>Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. \n    The rotation schedule is defined in <a>RotateSecretRequest$RotationRules</a>.</p>\n         <p>For secrets that use a Lambda rotation function to rotate, if you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the \n    <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html\">\n               <code>testSecret</code> \n      step</a> of the Lambda rotation function. The test creates an <code>AWSPENDING</code> version of the secret and then removes it.</p>\n         <p>By default, Secrets Manager rotates the secret immediately.</p>"
+            "smithy.api#documentation": "<p>Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. \n    The rotation schedule is defined in <a>RotateSecretRequest$RotationRules</a>.</p>\n         <p>For secrets that use a Lambda rotation function to rotate, if you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the \n    <a href=\"https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_lambda-functions.html#rotate-secrets_lambda-functions-code\">\n               <code>testSecret</code> \n      step</a> of the Lambda rotation function. The test creates an <code>AWSPENDING</code> version of the secret and then removes it.</p>\n         <p>By default, Secrets Manager rotates the secret immediately.</p>"
           }
         }
       },