1// Code generated by smithy-go-codegen DO NOT EDIT. 2 3package secretsmanager 4 5import ( 6 "context" 7 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 8 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" 9 "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" 10 "github.com/aws/smithy-go/middleware" 11 smithyhttp "github.com/aws/smithy-go/transport/http" 12 "time" 13) 14 15// Retrieves the details of a secret. It does not include the encrypted fields. 16// Secrets Manager only returns fields populated with a value in the response. 17// Minimum permissions To run this command, you must have the following 18// permissions: 19// 20// * secretsmanager:DescribeSecret 21// 22// Related operations 23// 24// * To create a 25// secret, use CreateSecret. 26// 27// * To modify a secret, use UpdateSecret. 28// 29// * To 30// retrieve the encrypted secret information in a version of the secret, use 31// GetSecretValue. 32// 33// * To list all of the secrets in the AWS account, use 34// ListSecrets. 35func (c *Client) DescribeSecret(ctx context.Context, params *DescribeSecretInput, optFns ...func(*Options)) (*DescribeSecretOutput, error) { 36 if params == nil { 37 params = &DescribeSecretInput{} 38 } 39 40 result, metadata, err := c.invokeOperation(ctx, "DescribeSecret", params, optFns, addOperationDescribeSecretMiddlewares) 41 if err != nil { 42 return nil, err 43 } 44 45 out := result.(*DescribeSecretOutput) 46 out.ResultMetadata = metadata 47 return out, nil 48} 49 50type DescribeSecretInput struct { 51 52 // The identifier of the secret whose details you want to retrieve. You can specify 53 // either the Amazon Resource Name (ARN) or the friendly name of the secret. If you 54 // specify an ARN, we generally recommend that you specify a complete ARN. You can 55 // specify a partial ARN too—for example, if you don’t include the final hyphen and 56 // six random characters that Secrets Manager adds at the end of the ARN when you 57 // created the secret. A partial ARN match can work as long as it uniquely matches 58 // only one secret. However, if your secret has a name that ends in a hyphen 59 // followed by six characters (before Secrets Manager adds the hyphen and six 60 // characters to the ARN) and you try to use that as a partial ARN, then those 61 // characters cause Secrets Manager to assume that you’re specifying a complete 62 // ARN. This confusion can cause unexpected results. To avoid this situation, we 63 // recommend that you don’t create secret names ending with a hyphen followed by 64 // six characters. If you specify an incomplete ARN without the random suffix, and 65 // instead provide the 'friendly name', you must not include the random suffix. If 66 // you do include the random suffix added by Secrets Manager, you receive either a 67 // ResourceNotFoundException or an AccessDeniedException error, depending on your 68 // permissions. 69 // 70 // This member is required. 71 SecretId *string 72} 73 74type DescribeSecretOutput struct { 75 76 // The ARN of the secret. 77 ARN *string 78 79 // The date you created the secret. 80 CreatedDate *time.Time 81 82 // This value exists if the secret is scheduled for deletion. Some time after the 83 // specified date and time, Secrets Manager deletes the secret and all of its 84 // versions. If a secret is scheduled for deletion, then its details, including the 85 // encrypted secret information, is not accessible. To cancel a scheduled deletion 86 // and restore access, use RestoreSecret. 87 DeletedDate *time.Time 88 89 // The user-provided description of the secret. 90 Description *string 91 92 // The ARN or alias of the AWS KMS customer master key (CMK) that's used to encrypt 93 // the SecretString or SecretBinary fields in each version of the secret. If you 94 // don't provide a key, then Secrets Manager defaults to encrypting the secret 95 // fields with the default AWS KMS CMK (the one named awssecretsmanager) for this 96 // account. 97 KmsKeyId *string 98 99 // The last date that this secret was accessed. This value is truncated to midnight 100 // of the date and therefore shows only the date, not the time. 101 LastAccessedDate *time.Time 102 103 // The last date and time that this secret was modified in any way. 104 LastChangedDate *time.Time 105 106 // The last date and time that the rotation process for this secret was invoked. 107 // The most recent date and time that the Secrets Manager rotation process 108 // successfully completed. If the secret doesn't rotate, Secrets Manager returns a 109 // null value. 110 LastRotatedDate *time.Time 111 112 // The user-provided friendly name of the secret. 113 Name *string 114 115 // Returns the name of the service that created this secret. 116 OwningService *string 117 118 // Specifies the primary region for secret replication. 119 PrimaryRegion *string 120 121 // Describes a list of replication status objects as InProgress, Failed or InSync.P 122 ReplicationStatus []types.ReplicationStatusType 123 124 // Specifies whether automatic rotation is enabled for this secret. To enable 125 // rotation, use RotateSecret with AutomaticallyRotateAfterDays set to a value 126 // greater than 0. To disable rotation, use CancelRotateSecret. 127 RotationEnabled bool 128 129 // The ARN of a Lambda function that's invoked by Secrets Manager to rotate the 130 // secret either automatically per the schedule or manually by a call to 131 // RotateSecret. 132 RotationLambdaARN *string 133 134 // A structure with the rotation configuration for this secret. 135 RotationRules *types.RotationRulesType 136 137 // The list of user-defined tags that are associated with the secret. To add tags 138 // to a secret, use TagResource. To remove tags, use UntagResource. 139 Tags []types.Tag 140 141 // A list of all of the currently assigned VersionStage staging labels and the 142 // VersionId that each is attached to. Staging labels are used to keep track of the 143 // different versions during the rotation process. A version that does not have any 144 // staging labels attached is considered deprecated and subject to deletion. Such 145 // versions are not included in this list. 146 VersionIdsToStages map[string][]string 147 148 // Metadata pertaining to the operation's result. 149 ResultMetadata middleware.Metadata 150} 151 152func addOperationDescribeSecretMiddlewares(stack *middleware.Stack, options Options) (err error) { 153 err = stack.Serialize.Add(&awsAwsjson11_serializeOpDescribeSecret{}, middleware.After) 154 if err != nil { 155 return err 156 } 157 err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpDescribeSecret{}, middleware.After) 158 if err != nil { 159 return err 160 } 161 if err = addSetLoggerMiddleware(stack, options); err != nil { 162 return err 163 } 164 if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { 165 return err 166 } 167 if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { 168 return err 169 } 170 if err = addResolveEndpointMiddleware(stack, options); err != nil { 171 return err 172 } 173 if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { 174 return err 175 } 176 if err = addRetryMiddlewares(stack, options); err != nil { 177 return err 178 } 179 if err = addHTTPSignerV4Middleware(stack, options); err != nil { 180 return err 181 } 182 if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { 183 return err 184 } 185 if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { 186 return err 187 } 188 if err = addClientUserAgent(stack); err != nil { 189 return err 190 } 191 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 192 return err 193 } 194 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 195 return err 196 } 197 if err = addOpDescribeSecretValidationMiddleware(stack); err != nil { 198 return err 199 } 200 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDescribeSecret(options.Region), middleware.Before); err != nil { 201 return err 202 } 203 if err = addRequestIDRetrieverMiddleware(stack); err != nil { 204 return err 205 } 206 if err = addResponseErrorMiddleware(stack); err != nil { 207 return err 208 } 209 if err = addRequestResponseLogging(stack, options); err != nil { 210 return err 211 } 212 return nil 213} 214 215func newServiceMetadataMiddleware_opDescribeSecret(region string) *awsmiddleware.RegisterServiceMetadata { 216 return &awsmiddleware.RegisterServiceMetadata{ 217 Region: region, 218 ServiceID: ServiceID, 219 SigningName: "secretsmanager", 220 OperationName: "DescribeSecret", 221 } 222} 223