Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
131 changes: 129 additions & 2 deletions apps/docs/content/docs/en/integrations/secrets_manager.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ In Sim, the AWS Secrets Manager integration allows your workflows to securely re

## Usage Instructions

Integrate AWS Secrets Manager into the workflow. Can retrieve, create, update, list, and delete secrets.
Integrate AWS Secrets Manager into the workflow. Can retrieve, create, update, list, delete, describe, tag, untag, restore, and rotate secrets.



Expand Down Expand Up @@ -78,7 +78,7 @@ List secrets stored in AWS Secrets Manager

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `secrets` | json | List of secrets with name, ARN, description, and dates |
| `secrets` | json | List of secrets with name, ARN, description, dates, rotation rules/window, and version-to-stage mappings |
| `nextToken` | string | Pagination token for the next page of results |
| `count` | number | Number of secrets returned |

Expand Down Expand Up @@ -154,4 +154,131 @@ Delete a secret from AWS Secrets Manager
| `arn` | string | ARN of the deleted secret |
| `deletionDate` | string | Scheduled deletion date |

### `secrets_manager_describe_secret`

Retrieve full metadata for a secret in AWS Secrets Manager, including rotation configuration and replication status, without exposing the secret value

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `secretId` | string | Yes | The name or ARN of the secret to describe |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `name` | string | Name of the secret |
| `arn` | string | ARN of the secret |
| `description` | string | Description of the secret |
| `kmsKeyId` | string | KMS key ID used to encrypt the secret |
| `rotationEnabled` | boolean | Whether automatic rotation is enabled |
| `rotationLambdaARN` | string | ARN of the Lambda function used for rotation |
| `rotationRules` | json | Rotation schedule configuration |
| `lastRotatedDate` | string | Date the secret was last rotated |
| `lastChangedDate` | string | Date the secret was last changed |
| `lastAccessedDate` | string | Date the secret was last accessed |
| `deletedDate` | string | Scheduled deletion date |
| `nextRotationDate` | string | Date the secret is next scheduled to rotate |
| `tags` | array | Tags attached to the secret |
| `versionIdsToStages` | json | Map of version IDs to their staging labels |
| `owningService` | string | ID of the AWS service that manages this secret, if any |
| `createdDate` | string | Date the secret was created |
| `primaryRegion` | string | The primary region of the secret, if replicated |
| `replicationStatus` | array | Replication status for each region the secret is replicated to |

### `secrets_manager_tag_resource`

Attach tags to a secret in AWS Secrets Manager

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `secretId` | string | Yes | The name or ARN of the secret to tag |
| `tags` | json | Yes | Tags to attach, as an array of \{key, value\} pairs \(max 50\) |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `message` | string | Operation status message |
| `name` | string | Name or ARN of the tagged secret |

### `secrets_manager_untag_resource`

Remove tags from a secret in AWS Secrets Manager

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `secretId` | string | Yes | The name or ARN of the secret to untag |
| `tagKeys` | json | Yes | Tag keys to remove, as an array of strings \(max 50\) |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `message` | string | Operation status message |
| `name` | string | Name or ARN of the untagged secret |

### `secrets_manager_restore_secret`

Cancel a scheduled deletion for a secret in AWS Secrets Manager, restoring access to it

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `secretId` | string | Yes | The name or ARN of the secret to restore |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `message` | string | Operation status message |
| `name` | string | Name of the restored secret |
| `arn` | string | ARN of the restored secret |

### `secrets_manager_rotate_secret`

Start or reconfigure rotation for a secret in AWS Secrets Manager

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `secretId` | string | Yes | The name or ARN of the secret to rotate |
| `clientRequestToken` | string | No | Idempotency token for the new secret version \(32-64 characters\) |
| `rotationLambdaARN` | string | No | ARN of the Lambda function that performs rotation \(omit for managed rotation\) |
| `automaticallyAfterDays` | number | No | Number of days between rotations \(1-1000\). Mutually exclusive with schedule expression |
| `duration` | string | No | Length of the rotation window in hours, e.g. "3h" |
| `scheduleExpression` | string | No | A cron\(\) or rate\(\) expression defining the rotation schedule |
| `rotateImmediately` | boolean | No | Whether to rotate immediately \(default true\) or wait for the next scheduled window |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `message` | string | Operation status message |
| `name` | string | Name of the secret |
| `arn` | string | ARN of the secret |
| `versionId` | string | ID of the new secret version created by rotation |


230 changes: 229 additions & 1 deletion apps/docs/content/docs/en/integrations/ses.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ In Sim, the AWS SES integration is designed for workflows that need reliable, pr

## Usage Instructions

Integrate AWS SES v2 into the workflow. Send simple, templated, and bulk emails. Manage email templates and retrieve account sending quota and verified identity information.
Integrate AWS SES v2 into the workflow. Send simple, templated, and bulk emails. Manage email templates, identities, configuration sets, and the account suppression list, and retrieve account sending quota and verified identity information.



Expand Down Expand Up @@ -238,4 +238,232 @@ Delete an existing SES email template
| --------- | ---- | ----------- |
| `message` | string | Confirmation message for the deleted template |

### `ses_update_template`

Update the subject, HTML, and text content of an existing SES email template

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `templateName` | string | Yes | The name of the template to update |
| `subjectPart` | string | Yes | The subject line of the template |
| `htmlPart` | string | No | The HTML body of the template |
| `textPart` | string | No | The plain text body of the template |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `message` | string | Confirmation message |

### `ses_put_suppressed_destination`

Add an email address to the account-level SES suppression list

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `emailAddress` | string | Yes | The email address to add to the suppression list |
| `reason` | string | Yes | The reason the address is suppressed: BOUNCE or COMPLAINT |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `message` | string | Confirmation message |

### `ses_delete_suppressed_destination`

Remove an email address from the account-level SES suppression list

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `emailAddress` | string | Yes | The email address to remove from the suppression list |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `message` | string | Confirmation message |

### `ses_get_suppressed_destination`

Retrieve details for a specific email address on the SES suppression list

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `emailAddress` | string | Yes | The suppressed email address to look up |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `emailAddress` | string | The suppressed email address |
| `reason` | string | The reason the address is suppressed |
| `lastUpdateTime` | string | When the address was added to the suppression list |
| `messageId` | string | The message ID associated with the bounce or complaint event |
| `feedbackId` | string | The feedback ID associated with the bounce or complaint event |

### `ses_list_suppressed_destinations`

List email addresses on the account-level SES suppression list

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `reasons` | string | No | Comma-separated suppression reasons to filter by: BOUNCE, COMPLAINT |
| `startDate` | string | No | Only include addresses suppressed after this ISO 8601 date |
| `endDate` | string | No | Only include addresses suppressed before this ISO 8601 date |
| `pageSize` | number | No | Maximum number of results to return |
| `nextToken` | string | No | Pagination token from a previous list response |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `destinations` | array | List of suppressed destinations with email address, reason, and last update |
| `nextToken` | string | Pagination token for the next page of results |
| `count` | number | Number of suppressed destinations returned |

### `ses_create_email_identity`

Start verification of a new SES email address or domain identity

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `emailIdentity` | string | Yes | The email address or domain to verify |
| `dkimSigningAttributes` | json | No | Bring-your-own-DKIM signing attributes as JSON \(domainSigningSelector, domainSigningPrivateKey, nextSigningKeyLength\). Domain identities only. |
| `tags` | json | No | JSON array of tags to associate with the identity: \[\{"key":"","value":""\}\] |
| `configurationSetName` | string | No | Default configuration set to use when sending from this identity |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `identityType` | string | The identity type: EMAIL_ADDRESS or DOMAIN |
| `verifiedForSendingStatus` | boolean | Whether the identity is verified and can send email |
| `dkimAttributes` | json | DKIM signing status and CNAME tokens for the identity |

### `ses_delete_email_identity`

Delete a verified SES email address or domain identity

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `emailIdentity` | string | Yes | The email address or domain identity to delete |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `message` | string | Confirmation message |

### `ses_get_email_identity`

Retrieve verification status, DKIM, Mail-From, and policy details for an SES identity

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `emailIdentity` | string | Yes | The email address or domain identity to look up |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `identityType` | string | The identity type: EMAIL_ADDRESS or DOMAIN |
| `verifiedForSendingStatus` | boolean | Whether the identity is verified and can send email |
| `verificationStatus` | string | Verification status: PENDING, SUCCESS, FAILED, TEMPORARY_FAILURE, NOT_STARTED |
| `feedbackForwardingStatus` | boolean | Whether bounce/complaint notifications are forwarded by email |
| `configurationSetName` | string | Default configuration set for this identity |
| `dkimAttributes` | json | DKIM signing status and CNAME tokens for the identity |
| `mailFromAttributes` | json | Custom MAIL FROM domain configuration for the identity |
| `policies` | json | Sending authorization policies attached to the identity |
| `tags` | array | Tags associated with the identity |
| `verificationInfo` | json | Additional verification diagnostics \(error type, last checked/success time\) |

### `ses_create_configuration_set`

Create an SES configuration set to control tracking, delivery, reputation, sending, and suppression behavior for emails

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `configurationSetName` | string | Yes | Name of the configuration set \(letters, numbers, hyphens, underscores\) |
| `customRedirectDomain` | string | No | Custom domain to use for open/click tracking links |
| `httpsPolicy` | string | No | HTTPS policy for tracking links: REQUIRE, REQUIRE_OPEN_ONLY, or OPTIONAL |
| `tlsPolicy` | string | No | Whether delivery requires TLS: REQUIRE or OPTIONAL |
| `sendingPoolName` | string | No | Dedicated IP pool to associate with the configuration set |
| `reputationMetricsEnabled` | boolean | No | Whether to collect reputation metrics for emails using this configuration set |
| `sendingEnabled` | boolean | No | Whether sending is enabled for this configuration set |
| `suppressedReasons` | string | No | Comma-separated reasons that trigger suppression: BOUNCE, COMPLAINT |
| `tags` | json | No | JSON array of tags to associate with the configuration set: \[\{"key":"","value":""\}\] |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `message` | string | Confirmation message |

### `ses_send_custom_verification_email`

Send a branded custom verification email to an address using a custom verification email template

#### Input

| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
| `accessKeyId` | string | Yes | AWS access key ID |
| `secretAccessKey` | string | Yes | AWS secret access key |
| `emailAddress` | string | Yes | The email address to verify |
| `templateName` | string | Yes | The name of the custom verification email template to use |
| `configurationSetName` | string | No | Configuration set to use when sending the verification email |

#### Output

| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `messageId` | string | SES message ID for the sent verification email |


Loading
Loading