SECRETSMANAGER

BatchGetSecretValue

enum_FilterNameStringType := [ "description", "name", "tag-key", "tag-value", "primary-region", "owning-service", "all" ] valid { input.Body.SecretIdList[_] == STRING input.Body.Filters[_].Key == enum_FilterNameStringType[_] input.Body.Filters[_].Values[_] == STRING input.Body.MaxResults == INTEGER input.Body.NextToken == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

CancelRotateSecret

valid { input.Body.SecretId == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

CreateSecret

valid { input.Body.Name == STRING input.Body.ClientRequestToken == STRING input.Body.Description == STRING input.Body.KmsKeyId == STRING input.Body.SecretBinary == BLOB input.Body.SecretString == STRING input.Body.Tags[_].Key == STRING input.Body.Tags[_].Value == STRING input.Body.AddReplicaRegions[_].Region == STRING input.Body.AddReplicaRegions[_].KmsKeyId == STRING input.Body.ForceOverwriteReplicaSecret == BOOLEAN input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

DeleteResourcePolicy

valid { input.Body.SecretId == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

DeleteSecret

valid { input.Body.SecretId == STRING input.Body.RecoveryWindowInDays == LONG input.Body.ForceDeleteWithoutRecovery == BOOLEAN input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

DescribeSecret

valid { input.Body.SecretId == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

GetRandomPassword

valid { input.Body.PasswordLength == LONG input.Body.ExcludeCharacters == STRING input.Body.ExcludeNumbers == BOOLEAN input.Body.ExcludePunctuation == BOOLEAN input.Body.ExcludeUppercase == BOOLEAN input.Body.ExcludeLowercase == BOOLEAN input.Body.IncludeSpace == BOOLEAN input.Body.RequireEachIncludedType == BOOLEAN input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

GetResourcePolicy

valid { input.Body.SecretId == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

GetSecretValue

valid { input.Body.SecretId == STRING input.Body.VersionId == STRING input.Body.VersionStage == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

ListSecretVersionIds

valid { input.Body.SecretId == STRING input.Body.MaxResults == INTEGER input.Body.NextToken == STRING input.Body.IncludeDeprecated == BOOLEAN input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

ListSecrets

enum_FilterNameStringType := [ "description", "name", "tag-key", "tag-value", "primary-region", "owning-service", "all" ] enum_SortOrderType := [ "asc", "desc" ] valid { input.Body.IncludePlannedDeletion == BOOLEAN input.Body.MaxResults == INTEGER input.Body.NextToken == STRING input.Body.Filters[_].Key == enum_FilterNameStringType[_] input.Body.Filters[_].Values[_] == STRING input.Body.SortOrder == enum_SortOrderType[_] input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

PutResourcePolicy

valid { input.Body.SecretId == STRING input.Body.ResourcePolicy == STRING input.Body.BlockPublicPolicy == BOOLEAN input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

PutSecretValue

valid { input.Body.SecretId == STRING input.Body.ClientRequestToken == STRING input.Body.SecretBinary == BLOB input.Body.SecretString == STRING input.Body.VersionStages[_] == STRING input.Body.RotationToken == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

RemoveRegionsFromReplication

valid { input.Body.SecretId == STRING input.Body.RemoveReplicaRegions[_] == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

ReplicateSecretToRegions

valid { input.Body.SecretId == STRING input.Body.AddReplicaRegions[_].Region == STRING input.Body.AddReplicaRegions[_].KmsKeyId == STRING input.Body.ForceOverwriteReplicaSecret == BOOLEAN input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

RestoreSecret

valid { input.Body.SecretId == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

RotateSecret

valid { input.Body.SecretId == STRING input.Body.ClientRequestToken == STRING input.Body.RotationLambdaARN == STRING input.Body.RotationRules.AutomaticallyAfterDays == LONG input.Body.RotationRules.Duration == STRING input.Body.RotationRules.ScheduleExpression == STRING input.Body.RotateImmediately == BOOLEAN input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

StopReplicationToReplica

valid { input.Body.SecretId == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

TagResource

valid { input.Body.SecretId == STRING input.Body.Tags[_].Key == STRING input.Body.Tags[_].Value == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

UntagResource

valid { input.Body.SecretId == STRING input.Body.TagKeys[_] == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

UpdateSecret

valid { input.Body.SecretId == STRING input.Body.ClientRequestToken == STRING input.Body.Description == STRING input.Body.KmsKeyId == STRING input.Body.SecretBinary == BLOB input.Body.SecretString == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

UpdateSecretVersionStage

valid { input.Body.SecretId == STRING input.Body.VersionStage == STRING input.Body.RemoveFromVersionId == STRING input.Body.MoveToVersionId == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

ValidateResourcePolicy

valid { input.Body.SecretId == STRING input.Body.ResourcePolicy == STRING input.ProviderMetadata.Account == STRING input.ProviderMetadata.AccessKeyId == STRING input.ProviderMetadata.Region == STRING }

Did this page help you?