1// Code generated by smithy-go-codegen DO NOT EDIT. 2 3package secretsmanager 4 5import ( 6 "context" 7 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 8 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" 9 "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" 10 "github.com/aws/smithy-go/middleware" 11 smithyhttp "github.com/aws/smithy-go/transport/http" 12 "time" 13) 14 15// Retrieves the details of a secret. It does not include the encrypted fields. 16// Secrets Manager only returns fields populated with a value in the response. 17// Minimum permissions To run this command, you must have the following 18// permissions: 19// 20// * secretsmanager:DescribeSecret 21// 22// Related operations 23// 24// * To create a 25// secret, use CreateSecret. 26// 27// * To modify a secret, use UpdateSecret. 28// 29// * To 30// retrieve the encrypted secret information in a version of the secret, use 31// GetSecretValue. 32// 33// * To list all of the secrets in the AWS account, use 34// ListSecrets. 35func (c *Client) DescribeSecret(ctx context.Context, params *DescribeSecretInput, optFns ...func(*Options)) (*DescribeSecretOutput, error) { 36 if params == nil { 37 params = &DescribeSecretInput{} 38 } 39 40 result, metadata, err := c.invokeOperation(ctx, "DescribeSecret", params, optFns, addOperationDescribeSecretMiddlewares) 41 if err != nil { 42 return nil, err 43 } 44 45 out := result.(*DescribeSecretOutput) 46 out.ResultMetadata = metadata 47 return out, nil 48} 49 50type DescribeSecretInput struct { 51 52 // The identifier of the secret whose details you want to retrieve. You can specify 53 // either the Amazon Resource Name (ARN) or the friendly name of the secret. If you 54 // specify an ARN, we generally recommend that you specify a complete ARN. You can 55 // specify a partial ARN too—for example, if you don’t include the final hyphen and 56 // six random characters that Secrets Manager adds at the end of the ARN when you 57 // created the secret. A partial ARN match can work as long as it uniquely matches 58 // only one secret. However, if your secret has a name that ends in a hyphen 59 // followed by six characters (before Secrets Manager adds the hyphen and six 60 // characters to the ARN) and you try to use that as a partial ARN, then those 61 // characters cause Secrets Manager to assume that you’re specifying a complete 62 // ARN. This confusion can cause unexpected results. To avoid this situation, we 63 // recommend that you don’t create secret names ending with a hyphen followed by 64 // six characters. If you specify an incomplete ARN without the random suffix, and 65 // instead provide the 'friendly name', you must not include the random suffix. If 66 // you do include the random suffix added by Secrets Manager, you receive either a 67 // ResourceNotFoundException or an AccessDeniedException error, depending on your 68 // permissions. 69 // 70 // This member is required. 71 SecretId *string 72} 73 74type DescribeSecretOutput struct { 75 76 // The ARN of the secret. 77 ARN *string 78 79 // The date that the secret was created. 80 CreatedDate *time.Time 81 82 // This value exists if the secret is scheduled for deletion. Some time after the 83 // specified date and time, Secrets Manager deletes the secret and all of its 84 // versions. If a secret is scheduled for deletion, then its details, including the 85 // encrypted secret information, is not accessible. To cancel a scheduled deletion 86 // and restore access, use RestoreSecret. 87 DeletedDate *time.Time 88 89 // The user-provided description of the secret. 90 Description *string 91 92 // The ARN or alias of the AWS KMS customer master key (CMK) that's used to encrypt 93 // the SecretString or SecretBinary fields in each version of the secret. If you 94 // don't provide a key, then Secrets Manager defaults to encrypting the secret 95 // fields with the default AWS KMS CMK (the one named awssecretsmanager) for this 96 // account. 97 KmsKeyId *string 98 99 // The last date that this secret was accessed. This value is truncated to midnight 100 // of the date and therefore shows only the date, not the time. 101 LastAccessedDate *time.Time 102 103 // The last date and time that this secret was modified in any way. 104 LastChangedDate *time.Time 105 106 // The most recent date and time that the Secrets Manager rotation process was 107 // successfully completed. This value is null if the secret has never rotated. 108 LastRotatedDate *time.Time 109 110 // The user-provided friendly name of the secret. 111 Name *string 112 113 // Returns the name of the service that created this secret. 114 OwningService *string 115 116 // Specifies whether automatic rotation is enabled for this secret. To enable 117 // rotation, use RotateSecret with AutomaticallyRotateAfterDays set to a value 118 // greater than 0. To disable rotation, use CancelRotateSecret. 119 RotationEnabled bool 120 121 // The ARN of a Lambda function that's invoked by Secrets Manager to rotate the 122 // secret either automatically per the schedule or manually by a call to 123 // RotateSecret. 124 RotationLambdaARN *string 125 126 // A structure that contains the rotation configuration for this secret. 127 RotationRules *types.RotationRulesType 128 129 // The list of user-defined tags that are associated with the secret. To add tags 130 // to a secret, use TagResource. To remove tags, use UntagResource. 131 Tags []types.Tag 132 133 // A list of all of the currently assigned VersionStage staging labels and the 134 // VersionId that each is attached to. Staging labels are used to keep track of the 135 // different versions during the rotation process. A version that does not have any 136 // staging labels attached is considered deprecated and subject to deletion. Such 137 // versions are not included in this list. 138 VersionIdsToStages map[string][]string 139 140 // Metadata pertaining to the operation's result. 141 ResultMetadata middleware.Metadata 142} 143 144func addOperationDescribeSecretMiddlewares(stack *middleware.Stack, options Options) (err error) { 145 err = stack.Serialize.Add(&awsAwsjson11_serializeOpDescribeSecret{}, middleware.After) 146 if err != nil { 147 return err 148 } 149 err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpDescribeSecret{}, middleware.After) 150 if err != nil { 151 return err 152 } 153 if err = addSetLoggerMiddleware(stack, options); err != nil { 154 return err 155 } 156 if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { 157 return err 158 } 159 if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { 160 return err 161 } 162 if err = addResolveEndpointMiddleware(stack, options); err != nil { 163 return err 164 } 165 if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { 166 return err 167 } 168 if err = addRetryMiddlewares(stack, options); err != nil { 169 return err 170 } 171 if err = addHTTPSignerV4Middleware(stack, options); err != nil { 172 return err 173 } 174 if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { 175 return err 176 } 177 if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { 178 return err 179 } 180 if err = addClientUserAgent(stack); err != nil { 181 return err 182 } 183 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 184 return err 185 } 186 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 187 return err 188 } 189 if err = addOpDescribeSecretValidationMiddleware(stack); err != nil { 190 return err 191 } 192 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDescribeSecret(options.Region), middleware.Before); err != nil { 193 return err 194 } 195 if err = addRequestIDRetrieverMiddleware(stack); err != nil { 196 return err 197 } 198 if err = addResponseErrorMiddleware(stack); err != nil { 199 return err 200 } 201 if err = addRequestResponseLogging(stack, options); err != nil { 202 return err 203 } 204 return nil 205} 206 207func newServiceMetadataMiddleware_opDescribeSecret(region string) *awsmiddleware.RegisterServiceMetadata { 208 return &awsmiddleware.RegisterServiceMetadata{ 209 Region: region, 210 ServiceID: ServiceID, 211 SigningName: "secretsmanager", 212 OperationName: "DescribeSecret", 213 } 214} 215