github.com/aavshr/aws-sdk-go@v1.41.3/service/secretsmanager/examples_test.go (about) 1 // Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. 2 3 package secretsmanager_test 4 5 import ( 6 "fmt" 7 "strings" 8 "time" 9 10 "github.com/aavshr/aws-sdk-go/aws" 11 "github.com/aavshr/aws-sdk-go/aws/awserr" 12 "github.com/aavshr/aws-sdk-go/aws/session" 13 "github.com/aavshr/aws-sdk-go/service/secretsmanager" 14 ) 15 16 var _ time.Duration 17 var _ strings.Reader 18 var _ aws.Config 19 20 func parseTime(layout, value string) *time.Time { 21 t, err := time.Parse(layout, value) 22 if err != nil { 23 panic(err) 24 } 25 return &t 26 } 27 28 // To cancel scheduled rotation for a secret 29 // 30 // The following example shows how to cancel rotation for a secret. The operation sets 31 // the RotationEnabled field to false and cancels all scheduled rotations. To resume 32 // scheduled rotations, you must re-enable rotation by calling the rotate-secret operation. 33 func ExampleSecretsManager_CancelRotateSecret_shared00() { 34 svc := secretsmanager.New(session.New()) 35 input := &secretsmanager.CancelRotateSecretInput{ 36 SecretId: aws.String("MyTestDatabaseSecret"), 37 } 38 39 result, err := svc.CancelRotateSecret(input) 40 if err != nil { 41 if aerr, ok := err.(awserr.Error); ok { 42 switch aerr.Code() { 43 case secretsmanager.ErrCodeResourceNotFoundException: 44 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 45 case secretsmanager.ErrCodeInvalidParameterException: 46 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 47 case secretsmanager.ErrCodeInternalServiceError: 48 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 49 case secretsmanager.ErrCodeInvalidRequestException: 50 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 51 default: 52 fmt.Println(aerr.Error()) 53 } 54 } else { 55 // Print the error, cast err to awserr.Error to get the Code and 56 // Message from an error. 57 fmt.Println(err.Error()) 58 } 59 return 60 } 61 62 fmt.Println(result) 63 } 64 65 // To create a basic secret 66 // 67 // The following example shows how to create a secret. The credentials stored in the 68 // encrypted secret value are retrieved from a file on disk named mycreds.json. 69 func ExampleSecretsManager_CreateSecret_shared00() { 70 svc := secretsmanager.New(session.New()) 71 input := &secretsmanager.CreateSecretInput{ 72 ClientRequestToken: aws.String("EXAMPLE1-90ab-cdef-fedc-ba987SECRET1"), 73 Description: aws.String("My test database secret created with the CLI"), 74 Name: aws.String("MyTestDatabaseSecret"), 75 SecretString: aws.String("{\"username\":\"david\",\"password\":\"BnQw!XDWgaEeT9XGTT29\"}"), 76 } 77 78 result, err := svc.CreateSecret(input) 79 if err != nil { 80 if aerr, ok := err.(awserr.Error); ok { 81 switch aerr.Code() { 82 case secretsmanager.ErrCodeInvalidParameterException: 83 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 84 case secretsmanager.ErrCodeInvalidRequestException: 85 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 86 case secretsmanager.ErrCodeLimitExceededException: 87 fmt.Println(secretsmanager.ErrCodeLimitExceededException, aerr.Error()) 88 case secretsmanager.ErrCodeEncryptionFailure: 89 fmt.Println(secretsmanager.ErrCodeEncryptionFailure, aerr.Error()) 90 case secretsmanager.ErrCodeResourceExistsException: 91 fmt.Println(secretsmanager.ErrCodeResourceExistsException, aerr.Error()) 92 case secretsmanager.ErrCodeResourceNotFoundException: 93 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 94 case secretsmanager.ErrCodeMalformedPolicyDocumentException: 95 fmt.Println(secretsmanager.ErrCodeMalformedPolicyDocumentException, aerr.Error()) 96 case secretsmanager.ErrCodeInternalServiceError: 97 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 98 case secretsmanager.ErrCodePreconditionNotMetException: 99 fmt.Println(secretsmanager.ErrCodePreconditionNotMetException, aerr.Error()) 100 default: 101 fmt.Println(aerr.Error()) 102 } 103 } else { 104 // Print the error, cast err to awserr.Error to get the Code and 105 // Message from an error. 106 fmt.Println(err.Error()) 107 } 108 return 109 } 110 111 fmt.Println(result) 112 } 113 114 // To delete the resource-based policy attached to a secret 115 // 116 // The following example shows how to delete the resource-based policy that is attached 117 // to a secret. 118 func ExampleSecretsManager_DeleteResourcePolicy_shared00() { 119 svc := secretsmanager.New(session.New()) 120 input := &secretsmanager.DeleteResourcePolicyInput{ 121 SecretId: aws.String("MyTestDatabaseSecret"), 122 } 123 124 result, err := svc.DeleteResourcePolicy(input) 125 if err != nil { 126 if aerr, ok := err.(awserr.Error); ok { 127 switch aerr.Code() { 128 case secretsmanager.ErrCodeResourceNotFoundException: 129 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 130 case secretsmanager.ErrCodeInternalServiceError: 131 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 132 case secretsmanager.ErrCodeInvalidRequestException: 133 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 134 case secretsmanager.ErrCodeInvalidParameterException: 135 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 136 default: 137 fmt.Println(aerr.Error()) 138 } 139 } else { 140 // Print the error, cast err to awserr.Error to get the Code and 141 // Message from an error. 142 fmt.Println(err.Error()) 143 } 144 return 145 } 146 147 fmt.Println(result) 148 } 149 150 // To delete a secret 151 // 152 // The following example shows how to delete a secret. The secret stays in your account 153 // in a deprecated and inaccessible state until the recovery window ends. After the 154 // date and time in the DeletionDate response field has passed, you can no longer recover 155 // this secret with restore-secret. 156 func ExampleSecretsManager_DeleteSecret_shared00() { 157 svc := secretsmanager.New(session.New()) 158 input := &secretsmanager.DeleteSecretInput{ 159 RecoveryWindowInDays: aws.Int64(7), 160 SecretId: aws.String("MyTestDatabaseSecret1"), 161 } 162 163 result, err := svc.DeleteSecret(input) 164 if err != nil { 165 if aerr, ok := err.(awserr.Error); ok { 166 switch aerr.Code() { 167 case secretsmanager.ErrCodeResourceNotFoundException: 168 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 169 case secretsmanager.ErrCodeInvalidParameterException: 170 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 171 case secretsmanager.ErrCodeInvalidRequestException: 172 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 173 case secretsmanager.ErrCodeInternalServiceError: 174 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 175 default: 176 fmt.Println(aerr.Error()) 177 } 178 } else { 179 // Print the error, cast err to awserr.Error to get the Code and 180 // Message from an error. 181 fmt.Println(err.Error()) 182 } 183 return 184 } 185 186 fmt.Println(result) 187 } 188 189 // To retrieve the details of a secret 190 // 191 // The following example shows how to get the details about a secret. 192 func ExampleSecretsManager_DescribeSecret_shared00() { 193 svc := secretsmanager.New(session.New()) 194 input := &secretsmanager.DescribeSecretInput{ 195 SecretId: aws.String("MyTestDatabaseSecret"), 196 } 197 198 result, err := svc.DescribeSecret(input) 199 if err != nil { 200 if aerr, ok := err.(awserr.Error); ok { 201 switch aerr.Code() { 202 case secretsmanager.ErrCodeResourceNotFoundException: 203 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 204 case secretsmanager.ErrCodeInternalServiceError: 205 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 206 case secretsmanager.ErrCodeInvalidParameterException: 207 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 208 default: 209 fmt.Println(aerr.Error()) 210 } 211 } else { 212 // Print the error, cast err to awserr.Error to get the Code and 213 // Message from an error. 214 fmt.Println(err.Error()) 215 } 216 return 217 } 218 219 fmt.Println(result) 220 } 221 222 // To generate a random password 223 // 224 // The following example shows how to request a randomly generated password. This example 225 // includes the optional flags to require spaces and at least one character of each 226 // included type. It specifies a length of 20 characters. 227 func ExampleSecretsManager_GetRandomPassword_shared00() { 228 svc := secretsmanager.New(session.New()) 229 input := &secretsmanager.GetRandomPasswordInput{ 230 IncludeSpace: aws.Bool(true), 231 PasswordLength: aws.Int64(20), 232 RequireEachIncludedType: aws.Bool(true), 233 } 234 235 result, err := svc.GetRandomPassword(input) 236 if err != nil { 237 if aerr, ok := err.(awserr.Error); ok { 238 switch aerr.Code() { 239 case secretsmanager.ErrCodeInvalidParameterException: 240 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 241 case secretsmanager.ErrCodeInvalidRequestException: 242 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 243 case secretsmanager.ErrCodeInternalServiceError: 244 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 245 default: 246 fmt.Println(aerr.Error()) 247 } 248 } else { 249 // Print the error, cast err to awserr.Error to get the Code and 250 // Message from an error. 251 fmt.Println(err.Error()) 252 } 253 return 254 } 255 256 fmt.Println(result) 257 } 258 259 // To retrieve the resource-based policy attached to a secret 260 // 261 // The following example shows how to retrieve the resource-based policy that is attached 262 // to a secret. 263 func ExampleSecretsManager_GetResourcePolicy_shared00() { 264 svc := secretsmanager.New(session.New()) 265 input := &secretsmanager.GetResourcePolicyInput{ 266 SecretId: aws.String("MyTestDatabaseSecret"), 267 } 268 269 result, err := svc.GetResourcePolicy(input) 270 if err != nil { 271 if aerr, ok := err.(awserr.Error); ok { 272 switch aerr.Code() { 273 case secretsmanager.ErrCodeResourceNotFoundException: 274 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 275 case secretsmanager.ErrCodeInternalServiceError: 276 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 277 case secretsmanager.ErrCodeInvalidRequestException: 278 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 279 case secretsmanager.ErrCodeInvalidParameterException: 280 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 281 default: 282 fmt.Println(aerr.Error()) 283 } 284 } else { 285 // Print the error, cast err to awserr.Error to get the Code and 286 // Message from an error. 287 fmt.Println(err.Error()) 288 } 289 return 290 } 291 292 fmt.Println(result) 293 } 294 295 // To retrieve the encrypted secret value of a secret 296 // 297 // The following example shows how to retrieve the secret string value from the version 298 // of the secret that has the AWSPREVIOUS staging label attached. If you want to retrieve 299 // the AWSCURRENT version of the secret, then you can omit the VersionStage parameter 300 // because it defaults to AWSCURRENT. 301 func ExampleSecretsManager_GetSecretValue_shared00() { 302 svc := secretsmanager.New(session.New()) 303 input := &secretsmanager.GetSecretValueInput{ 304 SecretId: aws.String("MyTestDatabaseSecret"), 305 VersionStage: aws.String("AWSPREVIOUS"), 306 } 307 308 result, err := svc.GetSecretValue(input) 309 if err != nil { 310 if aerr, ok := err.(awserr.Error); ok { 311 switch aerr.Code() { 312 case secretsmanager.ErrCodeResourceNotFoundException: 313 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 314 case secretsmanager.ErrCodeInvalidParameterException: 315 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 316 case secretsmanager.ErrCodeInvalidRequestException: 317 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 318 case secretsmanager.ErrCodeDecryptionFailure: 319 fmt.Println(secretsmanager.ErrCodeDecryptionFailure, aerr.Error()) 320 case secretsmanager.ErrCodeInternalServiceError: 321 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 322 default: 323 fmt.Println(aerr.Error()) 324 } 325 } else { 326 // Print the error, cast err to awserr.Error to get the Code and 327 // Message from an error. 328 fmt.Println(err.Error()) 329 } 330 return 331 } 332 333 fmt.Println(result) 334 } 335 336 // To list all of the secret versions associated with a secret 337 // 338 // The following example shows how to retrieve a list of all of the versions of a secret, 339 // including those without any staging labels. 340 func ExampleSecretsManager_ListSecretVersionIds_shared00() { 341 svc := secretsmanager.New(session.New()) 342 input := &secretsmanager.ListSecretVersionIdsInput{ 343 IncludeDeprecated: aws.Bool(true), 344 SecretId: aws.String("MyTestDatabaseSecret"), 345 } 346 347 result, err := svc.ListSecretVersionIds(input) 348 if err != nil { 349 if aerr, ok := err.(awserr.Error); ok { 350 switch aerr.Code() { 351 case secretsmanager.ErrCodeInvalidNextTokenException: 352 fmt.Println(secretsmanager.ErrCodeInvalidNextTokenException, aerr.Error()) 353 case secretsmanager.ErrCodeResourceNotFoundException: 354 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 355 case secretsmanager.ErrCodeInternalServiceError: 356 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 357 case secretsmanager.ErrCodeInvalidParameterException: 358 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 359 default: 360 fmt.Println(aerr.Error()) 361 } 362 } else { 363 // Print the error, cast err to awserr.Error to get the Code and 364 // Message from an error. 365 fmt.Println(err.Error()) 366 } 367 return 368 } 369 370 fmt.Println(result) 371 } 372 373 // To list the secrets in your account 374 // 375 // The following example shows how to list all of the secrets in your account. 376 func ExampleSecretsManager_ListSecrets_shared00() { 377 svc := secretsmanager.New(session.New()) 378 input := &secretsmanager.ListSecretsInput{} 379 380 result, err := svc.ListSecrets(input) 381 if err != nil { 382 if aerr, ok := err.(awserr.Error); ok { 383 switch aerr.Code() { 384 case secretsmanager.ErrCodeInvalidParameterException: 385 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 386 case secretsmanager.ErrCodeInvalidNextTokenException: 387 fmt.Println(secretsmanager.ErrCodeInvalidNextTokenException, aerr.Error()) 388 case secretsmanager.ErrCodeInternalServiceError: 389 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 390 default: 391 fmt.Println(aerr.Error()) 392 } 393 } else { 394 // Print the error, cast err to awserr.Error to get the Code and 395 // Message from an error. 396 fmt.Println(err.Error()) 397 } 398 return 399 } 400 401 fmt.Println(result) 402 } 403 404 // To add a resource-based policy to a secret 405 // 406 // The following example shows how to add a resource-based policy to a secret. 407 func ExampleSecretsManager_PutResourcePolicy_shared00() { 408 svc := secretsmanager.New(session.New()) 409 input := &secretsmanager.PutResourcePolicyInput{ 410 ResourcePolicy: aws.String("{\n\"Version\":\"2012-10-17\",\n\"Statement\":[{\n\"Effect\":\"Allow\",\n\"Principal\":{\n\"AWS\":\"arn:aws:iam::123456789012:root\"\n},\n\"Action\":\"secretsmanager:GetSecretValue\",\n\"Resource\":\"*\"\n}]\n}"), 411 SecretId: aws.String("MyTestDatabaseSecret"), 412 } 413 414 result, err := svc.PutResourcePolicy(input) 415 if err != nil { 416 if aerr, ok := err.(awserr.Error); ok { 417 switch aerr.Code() { 418 case secretsmanager.ErrCodeMalformedPolicyDocumentException: 419 fmt.Println(secretsmanager.ErrCodeMalformedPolicyDocumentException, aerr.Error()) 420 case secretsmanager.ErrCodeResourceNotFoundException: 421 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 422 case secretsmanager.ErrCodeInvalidParameterException: 423 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 424 case secretsmanager.ErrCodeInternalServiceError: 425 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 426 case secretsmanager.ErrCodeInvalidRequestException: 427 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 428 case secretsmanager.ErrCodePublicPolicyException: 429 fmt.Println(secretsmanager.ErrCodePublicPolicyException, aerr.Error()) 430 default: 431 fmt.Println(aerr.Error()) 432 } 433 } else { 434 // Print the error, cast err to awserr.Error to get the Code and 435 // Message from an error. 436 fmt.Println(err.Error()) 437 } 438 return 439 } 440 441 fmt.Println(result) 442 } 443 444 // To store a secret value in a new version of a secret 445 // 446 // The following example shows how to create a new version of the secret. Alternatively, 447 // you can use the update-secret command. 448 func ExampleSecretsManager_PutSecretValue_shared00() { 449 svc := secretsmanager.New(session.New()) 450 input := &secretsmanager.PutSecretValueInput{ 451 ClientRequestToken: aws.String("EXAMPLE2-90ab-cdef-fedc-ba987EXAMPLE"), 452 SecretId: aws.String("MyTestDatabaseSecret"), 453 SecretString: aws.String("{\"username\":\"david\",\"password\":\"BnQw!XDWgaEeT9XGTT29\"}"), 454 } 455 456 result, err := svc.PutSecretValue(input) 457 if err != nil { 458 if aerr, ok := err.(awserr.Error); ok { 459 switch aerr.Code() { 460 case secretsmanager.ErrCodeInvalidParameterException: 461 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 462 case secretsmanager.ErrCodeInvalidRequestException: 463 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 464 case secretsmanager.ErrCodeLimitExceededException: 465 fmt.Println(secretsmanager.ErrCodeLimitExceededException, aerr.Error()) 466 case secretsmanager.ErrCodeEncryptionFailure: 467 fmt.Println(secretsmanager.ErrCodeEncryptionFailure, aerr.Error()) 468 case secretsmanager.ErrCodeResourceExistsException: 469 fmt.Println(secretsmanager.ErrCodeResourceExistsException, aerr.Error()) 470 case secretsmanager.ErrCodeResourceNotFoundException: 471 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 472 case secretsmanager.ErrCodeInternalServiceError: 473 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 474 default: 475 fmt.Println(aerr.Error()) 476 } 477 } else { 478 // Print the error, cast err to awserr.Error to get the Code and 479 // Message from an error. 480 fmt.Println(err.Error()) 481 } 482 return 483 } 484 485 fmt.Println(result) 486 } 487 488 // To restore a previously deleted secret 489 // 490 // The following example shows how to restore a secret that you previously scheduled 491 // for deletion. 492 func ExampleSecretsManager_RestoreSecret_shared00() { 493 svc := secretsmanager.New(session.New()) 494 input := &secretsmanager.RestoreSecretInput{ 495 SecretId: aws.String("MyTestDatabaseSecret"), 496 } 497 498 result, err := svc.RestoreSecret(input) 499 if err != nil { 500 if aerr, ok := err.(awserr.Error); ok { 501 switch aerr.Code() { 502 case secretsmanager.ErrCodeResourceNotFoundException: 503 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 504 case secretsmanager.ErrCodeInvalidParameterException: 505 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 506 case secretsmanager.ErrCodeInvalidRequestException: 507 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 508 case secretsmanager.ErrCodeInternalServiceError: 509 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 510 default: 511 fmt.Println(aerr.Error()) 512 } 513 } else { 514 // Print the error, cast err to awserr.Error to get the Code and 515 // Message from an error. 516 fmt.Println(err.Error()) 517 } 518 return 519 } 520 521 fmt.Println(result) 522 } 523 524 // To configure rotation for a secret 525 // 526 // The following example configures rotation for a secret by providing the ARN of a 527 // Lambda rotation function (which must already exist) and the number of days between 528 // rotation. The first rotation happens immediately upon completion of this command. 529 // The rotation function runs asynchronously in the background. 530 func ExampleSecretsManager_RotateSecret_shared00() { 531 svc := secretsmanager.New(session.New()) 532 input := &secretsmanager.RotateSecretInput{ 533 RotationLambdaARN: aws.String("arn:aws:lambda:us-west-2:123456789012:function:MyTestDatabaseRotationLambda"), 534 RotationRules: &secretsmanager.RotationRulesType{ 535 AutomaticallyAfterDays: aws.Int64(30), 536 }, 537 SecretId: aws.String("MyTestDatabaseSecret"), 538 } 539 540 result, err := svc.RotateSecret(input) 541 if err != nil { 542 if aerr, ok := err.(awserr.Error); ok { 543 switch aerr.Code() { 544 case secretsmanager.ErrCodeResourceNotFoundException: 545 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 546 case secretsmanager.ErrCodeInvalidParameterException: 547 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 548 case secretsmanager.ErrCodeInternalServiceError: 549 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 550 case secretsmanager.ErrCodeInvalidRequestException: 551 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 552 default: 553 fmt.Println(aerr.Error()) 554 } 555 } else { 556 // Print the error, cast err to awserr.Error to get the Code and 557 // Message from an error. 558 fmt.Println(err.Error()) 559 } 560 return 561 } 562 563 fmt.Println(result) 564 } 565 566 // To request an immediate rotation for a secret 567 // 568 // The following example requests an immediate invocation of the secret's Lambda rotation 569 // function. It assumes that the specified secret already has rotation configured. The 570 // rotation function runs asynchronously in the background. 571 func ExampleSecretsManager_RotateSecret_shared01() { 572 svc := secretsmanager.New(session.New()) 573 input := &secretsmanager.RotateSecretInput{ 574 SecretId: aws.String("MyTestDatabaseSecret"), 575 } 576 577 result, err := svc.RotateSecret(input) 578 if err != nil { 579 if aerr, ok := err.(awserr.Error); ok { 580 switch aerr.Code() { 581 case secretsmanager.ErrCodeResourceNotFoundException: 582 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 583 case secretsmanager.ErrCodeInvalidParameterException: 584 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 585 case secretsmanager.ErrCodeInternalServiceError: 586 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 587 case secretsmanager.ErrCodeInvalidRequestException: 588 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 589 default: 590 fmt.Println(aerr.Error()) 591 } 592 } else { 593 // Print the error, cast err to awserr.Error to get the Code and 594 // Message from an error. 595 fmt.Println(err.Error()) 596 } 597 return 598 } 599 600 fmt.Println(result) 601 } 602 603 // To add tags to a secret 604 // 605 // The following example shows how to attach two tags each with a Key and Value to a 606 // secret. There is no output from this API. To see the result, use the DescribeSecret 607 // operation. 608 func ExampleSecretsManager_TagResource_shared00() { 609 svc := secretsmanager.New(session.New()) 610 input := &secretsmanager.TagResourceInput{ 611 SecretId: aws.String("MyExampleSecret"), 612 Tags: []*secretsmanager.Tag{ 613 { 614 Key: aws.String("FirstTag"), 615 Value: aws.String("SomeValue"), 616 }, 617 { 618 Key: aws.String("SecondTag"), 619 Value: aws.String("AnotherValue"), 620 }, 621 }, 622 } 623 624 result, err := svc.TagResource(input) 625 if err != nil { 626 if aerr, ok := err.(awserr.Error); ok { 627 switch aerr.Code() { 628 case secretsmanager.ErrCodeResourceNotFoundException: 629 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 630 case secretsmanager.ErrCodeInvalidRequestException: 631 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 632 case secretsmanager.ErrCodeInvalidParameterException: 633 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 634 case secretsmanager.ErrCodeInternalServiceError: 635 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 636 default: 637 fmt.Println(aerr.Error()) 638 } 639 } else { 640 // Print the error, cast err to awserr.Error to get the Code and 641 // Message from an error. 642 fmt.Println(err.Error()) 643 } 644 return 645 } 646 647 fmt.Println(result) 648 } 649 650 // To remove tags from a secret 651 // 652 // The following example shows how to remove two tags from a secret's metadata. For 653 // each, both the tag and the associated value are removed. There is no output from 654 // this API. To see the result, use the DescribeSecret operation. 655 func ExampleSecretsManager_UntagResource_shared00() { 656 svc := secretsmanager.New(session.New()) 657 input := &secretsmanager.UntagResourceInput{ 658 SecretId: aws.String("MyTestDatabaseSecret"), 659 TagKeys: []*string{ 660 aws.String("FirstTag"), 661 aws.String("SecondTag"), 662 }, 663 } 664 665 result, err := svc.UntagResource(input) 666 if err != nil { 667 if aerr, ok := err.(awserr.Error); ok { 668 switch aerr.Code() { 669 case secretsmanager.ErrCodeResourceNotFoundException: 670 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 671 case secretsmanager.ErrCodeInvalidRequestException: 672 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 673 case secretsmanager.ErrCodeInvalidParameterException: 674 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 675 case secretsmanager.ErrCodeInternalServiceError: 676 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 677 default: 678 fmt.Println(aerr.Error()) 679 } 680 } else { 681 // Print the error, cast err to awserr.Error to get the Code and 682 // Message from an error. 683 fmt.Println(err.Error()) 684 } 685 return 686 } 687 688 fmt.Println(result) 689 } 690 691 // To update the description of a secret 692 // 693 // The following example shows how to modify the description of a secret. 694 func ExampleSecretsManager_UpdateSecret_shared00() { 695 svc := secretsmanager.New(session.New()) 696 input := &secretsmanager.UpdateSecretInput{ 697 ClientRequestToken: aws.String("EXAMPLE1-90ab-cdef-fedc-ba987EXAMPLE"), 698 Description: aws.String("This is a new description for the secret."), 699 SecretId: aws.String("MyTestDatabaseSecret"), 700 } 701 702 result, err := svc.UpdateSecret(input) 703 if err != nil { 704 if aerr, ok := err.(awserr.Error); ok { 705 switch aerr.Code() { 706 case secretsmanager.ErrCodeInvalidParameterException: 707 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 708 case secretsmanager.ErrCodeInvalidRequestException: 709 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 710 case secretsmanager.ErrCodeLimitExceededException: 711 fmt.Println(secretsmanager.ErrCodeLimitExceededException, aerr.Error()) 712 case secretsmanager.ErrCodeEncryptionFailure: 713 fmt.Println(secretsmanager.ErrCodeEncryptionFailure, aerr.Error()) 714 case secretsmanager.ErrCodeResourceExistsException: 715 fmt.Println(secretsmanager.ErrCodeResourceExistsException, aerr.Error()) 716 case secretsmanager.ErrCodeResourceNotFoundException: 717 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 718 case secretsmanager.ErrCodeMalformedPolicyDocumentException: 719 fmt.Println(secretsmanager.ErrCodeMalformedPolicyDocumentException, aerr.Error()) 720 case secretsmanager.ErrCodeInternalServiceError: 721 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 722 case secretsmanager.ErrCodePreconditionNotMetException: 723 fmt.Println(secretsmanager.ErrCodePreconditionNotMetException, aerr.Error()) 724 default: 725 fmt.Println(aerr.Error()) 726 } 727 } else { 728 // Print the error, cast err to awserr.Error to get the Code and 729 // Message from an error. 730 fmt.Println(err.Error()) 731 } 732 return 733 } 734 735 fmt.Println(result) 736 } 737 738 // To update the KMS key associated with a secret 739 // 740 // This example shows how to update the KMS customer managed key (CMK) used to encrypt 741 // the secret value. The KMS CMK must be in the same region as the secret. 742 func ExampleSecretsManager_UpdateSecret_shared01() { 743 svc := secretsmanager.New(session.New()) 744 input := &secretsmanager.UpdateSecretInput{ 745 KmsKeyId: aws.String("arn:aws:kms:us-west-2:123456789012:key/EXAMPLE2-90ab-cdef-fedc-ba987EXAMPLE"), 746 SecretId: aws.String("MyTestDatabaseSecret"), 747 } 748 749 result, err := svc.UpdateSecret(input) 750 if err != nil { 751 if aerr, ok := err.(awserr.Error); ok { 752 switch aerr.Code() { 753 case secretsmanager.ErrCodeInvalidParameterException: 754 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 755 case secretsmanager.ErrCodeInvalidRequestException: 756 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 757 case secretsmanager.ErrCodeLimitExceededException: 758 fmt.Println(secretsmanager.ErrCodeLimitExceededException, aerr.Error()) 759 case secretsmanager.ErrCodeEncryptionFailure: 760 fmt.Println(secretsmanager.ErrCodeEncryptionFailure, aerr.Error()) 761 case secretsmanager.ErrCodeResourceExistsException: 762 fmt.Println(secretsmanager.ErrCodeResourceExistsException, aerr.Error()) 763 case secretsmanager.ErrCodeResourceNotFoundException: 764 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 765 case secretsmanager.ErrCodeMalformedPolicyDocumentException: 766 fmt.Println(secretsmanager.ErrCodeMalformedPolicyDocumentException, aerr.Error()) 767 case secretsmanager.ErrCodeInternalServiceError: 768 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 769 case secretsmanager.ErrCodePreconditionNotMetException: 770 fmt.Println(secretsmanager.ErrCodePreconditionNotMetException, aerr.Error()) 771 default: 772 fmt.Println(aerr.Error()) 773 } 774 } else { 775 // Print the error, cast err to awserr.Error to get the Code and 776 // Message from an error. 777 fmt.Println(err.Error()) 778 } 779 return 780 } 781 782 fmt.Println(result) 783 } 784 785 // To create a new version of the encrypted secret value 786 // 787 // The following example shows how to create a new version of the secret by updating 788 // the SecretString field. Alternatively, you can use the put-secret-value operation. 789 func ExampleSecretsManager_UpdateSecret_shared02() { 790 svc := secretsmanager.New(session.New()) 791 input := &secretsmanager.UpdateSecretInput{ 792 SecretId: aws.String("MyTestDatabaseSecret"), 793 SecretString: aws.String("{JSON STRING WITH CREDENTIALS}"), 794 } 795 796 result, err := svc.UpdateSecret(input) 797 if err != nil { 798 if aerr, ok := err.(awserr.Error); ok { 799 switch aerr.Code() { 800 case secretsmanager.ErrCodeInvalidParameterException: 801 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 802 case secretsmanager.ErrCodeInvalidRequestException: 803 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 804 case secretsmanager.ErrCodeLimitExceededException: 805 fmt.Println(secretsmanager.ErrCodeLimitExceededException, aerr.Error()) 806 case secretsmanager.ErrCodeEncryptionFailure: 807 fmt.Println(secretsmanager.ErrCodeEncryptionFailure, aerr.Error()) 808 case secretsmanager.ErrCodeResourceExistsException: 809 fmt.Println(secretsmanager.ErrCodeResourceExistsException, aerr.Error()) 810 case secretsmanager.ErrCodeResourceNotFoundException: 811 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 812 case secretsmanager.ErrCodeMalformedPolicyDocumentException: 813 fmt.Println(secretsmanager.ErrCodeMalformedPolicyDocumentException, aerr.Error()) 814 case secretsmanager.ErrCodeInternalServiceError: 815 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 816 case secretsmanager.ErrCodePreconditionNotMetException: 817 fmt.Println(secretsmanager.ErrCodePreconditionNotMetException, aerr.Error()) 818 default: 819 fmt.Println(aerr.Error()) 820 } 821 } else { 822 // Print the error, cast err to awserr.Error to get the Code and 823 // Message from an error. 824 fmt.Println(err.Error()) 825 } 826 return 827 } 828 829 fmt.Println(result) 830 } 831 832 // To add a staging label attached to a version of a secret 833 // 834 // The following example shows you how to add a staging label to a version of a secret. 835 // You can review the results by running the operation ListSecretVersionIds and viewing 836 // the VersionStages response field for the affected version. 837 func ExampleSecretsManager_UpdateSecretVersionStage_shared00() { 838 svc := secretsmanager.New(session.New()) 839 input := &secretsmanager.UpdateSecretVersionStageInput{ 840 MoveToVersionId: aws.String("EXAMPLE1-90ab-cdef-fedc-ba987SECRET1"), 841 SecretId: aws.String("MyTestDatabaseSecret"), 842 VersionStage: aws.String("STAGINGLABEL1"), 843 } 844 845 result, err := svc.UpdateSecretVersionStage(input) 846 if err != nil { 847 if aerr, ok := err.(awserr.Error); ok { 848 switch aerr.Code() { 849 case secretsmanager.ErrCodeResourceNotFoundException: 850 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 851 case secretsmanager.ErrCodeInvalidParameterException: 852 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 853 case secretsmanager.ErrCodeInvalidRequestException: 854 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 855 case secretsmanager.ErrCodeLimitExceededException: 856 fmt.Println(secretsmanager.ErrCodeLimitExceededException, aerr.Error()) 857 case secretsmanager.ErrCodeInternalServiceError: 858 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 859 default: 860 fmt.Println(aerr.Error()) 861 } 862 } else { 863 // Print the error, cast err to awserr.Error to get the Code and 864 // Message from an error. 865 fmt.Println(err.Error()) 866 } 867 return 868 } 869 870 fmt.Println(result) 871 } 872 873 // To delete a staging label attached to a version of a secret 874 // 875 // The following example shows you how to delete a staging label that is attached to 876 // a version of a secret. You can review the results by running the operation ListSecretVersionIds 877 // and viewing the VersionStages response field for the affected version. 878 func ExampleSecretsManager_UpdateSecretVersionStage_shared01() { 879 svc := secretsmanager.New(session.New()) 880 input := &secretsmanager.UpdateSecretVersionStageInput{ 881 RemoveFromVersionId: aws.String("EXAMPLE1-90ab-cdef-fedc-ba987SECRET1"), 882 SecretId: aws.String("MyTestDatabaseSecret"), 883 VersionStage: aws.String("STAGINGLABEL1"), 884 } 885 886 result, err := svc.UpdateSecretVersionStage(input) 887 if err != nil { 888 if aerr, ok := err.(awserr.Error); ok { 889 switch aerr.Code() { 890 case secretsmanager.ErrCodeResourceNotFoundException: 891 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 892 case secretsmanager.ErrCodeInvalidParameterException: 893 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 894 case secretsmanager.ErrCodeInvalidRequestException: 895 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 896 case secretsmanager.ErrCodeLimitExceededException: 897 fmt.Println(secretsmanager.ErrCodeLimitExceededException, aerr.Error()) 898 case secretsmanager.ErrCodeInternalServiceError: 899 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 900 default: 901 fmt.Println(aerr.Error()) 902 } 903 } else { 904 // Print the error, cast err to awserr.Error to get the Code and 905 // Message from an error. 906 fmt.Println(err.Error()) 907 } 908 return 909 } 910 911 fmt.Println(result) 912 } 913 914 // To move a staging label from one version of a secret to another 915 // 916 // The following example shows you how to move a staging label that is attached to one 917 // version of a secret to a different version. You can review the results by running 918 // the operation ListSecretVersionIds and viewing the VersionStages response field for 919 // the affected version. 920 func ExampleSecretsManager_UpdateSecretVersionStage_shared02() { 921 svc := secretsmanager.New(session.New()) 922 input := &secretsmanager.UpdateSecretVersionStageInput{ 923 MoveToVersionId: aws.String("EXAMPLE2-90ab-cdef-fedc-ba987SECRET2"), 924 RemoveFromVersionId: aws.String("EXAMPLE1-90ab-cdef-fedc-ba987SECRET1"), 925 SecretId: aws.String("MyTestDatabaseSecret"), 926 VersionStage: aws.String("AWSCURRENT"), 927 } 928 929 result, err := svc.UpdateSecretVersionStage(input) 930 if err != nil { 931 if aerr, ok := err.(awserr.Error); ok { 932 switch aerr.Code() { 933 case secretsmanager.ErrCodeResourceNotFoundException: 934 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 935 case secretsmanager.ErrCodeInvalidParameterException: 936 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 937 case secretsmanager.ErrCodeInvalidRequestException: 938 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 939 case secretsmanager.ErrCodeLimitExceededException: 940 fmt.Println(secretsmanager.ErrCodeLimitExceededException, aerr.Error()) 941 case secretsmanager.ErrCodeInternalServiceError: 942 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 943 default: 944 fmt.Println(aerr.Error()) 945 } 946 } else { 947 // Print the error, cast err to awserr.Error to get the Code and 948 // Message from an error. 949 fmt.Println(err.Error()) 950 } 951 return 952 } 953 954 fmt.Println(result) 955 } 956 957 // To validate a resource-based policy to a secret 958 // 959 // The following example shows how to validate a resource-based policy to a secret. 960 func ExampleSecretsManager_ValidateResourcePolicy_shared00() { 961 svc := secretsmanager.New(session.New()) 962 input := &secretsmanager.ValidateResourcePolicyInput{ 963 ResourcePolicy: aws.String("{\n\"Version\":\"2012-10-17\",\n\"Statement\":[{\n\"Effect\":\"Allow\",\n\"Principal\":{\n\"AWS\":\"arn:aws:iam::123456789012:root\"\n},\n\"Action\":\"secretsmanager:GetSecretValue\",\n\"Resource\":\"*\"\n}]\n}"), 964 SecretId: aws.String("MyTestDatabaseSecret"), 965 } 966 967 result, err := svc.ValidateResourcePolicy(input) 968 if err != nil { 969 if aerr, ok := err.(awserr.Error); ok { 970 switch aerr.Code() { 971 case secretsmanager.ErrCodeMalformedPolicyDocumentException: 972 fmt.Println(secretsmanager.ErrCodeMalformedPolicyDocumentException, aerr.Error()) 973 case secretsmanager.ErrCodeResourceNotFoundException: 974 fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) 975 case secretsmanager.ErrCodeInvalidParameterException: 976 fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) 977 case secretsmanager.ErrCodeInternalServiceError: 978 fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) 979 case secretsmanager.ErrCodeInvalidRequestException: 980 fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) 981 default: 982 fmt.Println(aerr.Error()) 983 } 984 } else { 985 // Print the error, cast err to awserr.Error to get the Code and 986 // Message from an error. 987 fmt.Println(err.Error()) 988 } 989 return 990 } 991 992 fmt.Println(result) 993 }