class Aws::SecretsManager::Types::RotateSecretRequest

@note When making an API call, you may pass RotateSecretRequest

data as a hash:

    {
      secret_id: "SecretIdType", # required
      client_request_token: "ClientRequestTokenType",
      rotation_lambda_arn: "RotationLambdaARNType",
      rotation_rules: {
        automatically_after_days: 1,
      },
    }

@!attribute [rw] secret_id

Specifies the secret that you want to rotate. You can specify either
the Amazon Resource Name (ARN) or the friendly name of the secret.

<note markdown="1"> If you specify an ARN, we generally recommend that you specify a
complete ARN. You can specify a partial ARN too—for example, if you
don’t include the final hyphen and six random characters that
Secrets Manager adds at the end of the ARN when you created the
secret. A partial ARN match can work as long as it uniquely matches
only one secret. However, if your secret has a name that ends in a
hyphen followed by six characters (before Secrets Manager adds the
hyphen and six characters to the ARN) and you try to use that as a
partial ARN, then those characters cause Secrets Manager to assume
that you’re specifying a complete ARN. This confusion can cause
unexpected results. To avoid this situation, we recommend that you
don’t create secret names ending with a hyphen followed by six
characters.

 If you specify an incomplete ARN without the random suffix, and
instead provide the 'friendly name', you *must* not include the
random suffix. If you do include the random suffix added by Secrets
Manager, you receive either a *ResourceNotFoundException* or an
*AccessDeniedException* error, depending on your permissions.

 </note>
@return [String]

@!attribute [rw] client_request_token

(Optional) Specifies a unique identifier for the new version of the
secret that helps ensure idempotency.

If you use the Amazon Web Services CLI or one of the Amazon Web
Services SDK to call this operation, then you can leave this
parameter empty. The CLI or SDK generates a random UUID for you and
includes that in the request for this parameter. If you don't use
the SDK and instead generate a raw HTTP request to the Secrets
Manager service endpoint, then you must generate a
`ClientRequestToken` yourself for new versions and include that
value in the request.

You only need to specify your own value if you implement your own
retry logic and want to ensure that a given secret is not created
twice. We recommend that you generate a [UUID-type][1] value to
ensure uniqueness within the specified secret.

Secrets Manager uses this value to prevent the accidental creation
of duplicate versions if there are failures and retries during the
function's processing. This value becomes the `VersionId` of the
new version.

**A suitable default value is auto-generated.** You should normally
not need to pass this option.

[1]: https://wikipedia.org/wiki/Universally_unique_identifier
@return [String]

@!attribute [rw] rotation_lambda_arn

(Optional) Specifies the ARN of the Lambda function that can rotate
the secret.
@return [String]

@!attribute [rw] rotation_rules

A structure that defines the rotation configuration for this secret.
@return [Types::RotationRulesType]

@see docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/RotateSecretRequest AWS API Documentation

Constants

SENSITIVE