| Copyright | (c) 2013-2021 Brendan Hay |
|---|---|
| License | Mozilla Public License, v. 2.0. |
| Maintainer | Brendan Hay <brendan.g.hay+amazonka@gmail.com> |
| Stability | auto-generated |
| Portability | non-portable (GHC extensions) |
| Safe Haskell | None |
Amazonka.SecretsManager.CancelRotateSecret
Description
Disables automatic scheduled rotation and cancels the rotation of a secret if currently in progress.
To re-enable scheduled rotation, call RotateSecret with
AutomaticallyRotateAfterDays set to a value greater than 0. This
immediately rotates your secret and then enables the automatic schedule.
If you cancel a rotation while in progress, it can leave the
VersionStage labels in an unexpected state. Depending on the step of
the rotation in progress, you might need to remove the staging label
AWSPENDING from the partially created version, specified by the
VersionId response value. You should also evaluate the partially
rotated new version to see if it should be deleted, which you can do by
removing all staging labels from the new version VersionStage field.
To successfully start a rotation, the staging label AWSPENDING must be
in one of the following states:
- Not attached to any version at all
- Attached to the same version as the staging label
AWSCURRENT
If the staging label AWSPENDING attached to a different version than
the version with AWSCURRENT then the attempt to rotate fails.
Minimum permissions
To run this command, you must have the following permissions:
- secretsmanager:CancelRotateSecret
Related operations
- To configure rotation for a secret or to manually trigger a rotation, use RotateSecret.
- To get the rotation configuration details for a secret, use DescribeSecret.
- To list all of the currently available secrets, use ListSecrets.
- To list all of the versions currently associated with a secret, use ListSecretVersionIds.
Synopsis
- data CancelRotateSecret = CancelRotateSecret' {}
- newCancelRotateSecret :: Text -> CancelRotateSecret
- cancelRotateSecret_secretId :: Lens' CancelRotateSecret Text
- data CancelRotateSecretResponse = CancelRotateSecretResponse' {}
- newCancelRotateSecretResponse :: Int -> CancelRotateSecretResponse
- cancelRotateSecretResponse_versionId :: Lens' CancelRotateSecretResponse (Maybe Text)
- cancelRotateSecretResponse_arn :: Lens' CancelRotateSecretResponse (Maybe Text)
- cancelRotateSecretResponse_name :: Lens' CancelRotateSecretResponse (Maybe Text)
- cancelRotateSecretResponse_httpStatus :: Lens' CancelRotateSecretResponse Int
Creating a Request
data CancelRotateSecret Source #
See: newCancelRotateSecret smart constructor.
Constructors
| CancelRotateSecret' | |
Instances
newCancelRotateSecret Source #
Arguments
| :: Text | |
| -> CancelRotateSecret |
Create a value of CancelRotateSecret with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:secretId:CancelRotateSecret', cancelRotateSecret_secretId - Specifies the secret to cancel a rotation request. You can specify
either the Amazon Resource Name (ARN) or the friendly name of the
secret.
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN.
Request Lenses
cancelRotateSecret_secretId :: Lens' CancelRotateSecret Text Source #
Specifies the secret to cancel a rotation request. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN.
Destructuring the Response
data CancelRotateSecretResponse Source #
See: newCancelRotateSecretResponse smart constructor.
Constructors
| CancelRotateSecretResponse' | |
Fields
| |
Instances
newCancelRotateSecretResponse Source #
Create a value of CancelRotateSecretResponse with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:versionId:CancelRotateSecretResponse', cancelRotateSecretResponse_versionId - The unique identifier of the version of the secret created during the
rotation. This version might not be complete, and should be evaluated
for possible deletion. At the very least, you should remove the
VersionStage value AWSPENDING to enable this version to be deleted.
Failing to clean up a cancelled rotation can block you from successfully
starting future rotations.
$sel:arn:CancelRotateSecretResponse', cancelRotateSecretResponse_arn - The ARN of the secret for which rotation was canceled.
$sel:name:CancelRotateSecretResponse', cancelRotateSecretResponse_name - The friendly name of the secret for which rotation was canceled.
$sel:httpStatus:CancelRotateSecretResponse', cancelRotateSecretResponse_httpStatus - The response's http status code.
Response Lenses
cancelRotateSecretResponse_versionId :: Lens' CancelRotateSecretResponse (Maybe Text) Source #
The unique identifier of the version of the secret created during the
rotation. This version might not be complete, and should be evaluated
for possible deletion. At the very least, you should remove the
VersionStage value AWSPENDING to enable this version to be deleted.
Failing to clean up a cancelled rotation can block you from successfully
starting future rotations.
cancelRotateSecretResponse_arn :: Lens' CancelRotateSecretResponse (Maybe Text) Source #
The ARN of the secret for which rotation was canceled.
cancelRotateSecretResponse_name :: Lens' CancelRotateSecretResponse (Maybe Text) Source #
The friendly name of the secret for which rotation was canceled.
cancelRotateSecretResponse_httpStatus :: Lens' CancelRotateSecretResponse Int Source #
The response's http status code.