interface RotationScheduleProps
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.SecretsManager.RotationScheduleProps |
 Java | software.amazon.awscdk.services.secretsmanager.RotationScheduleProps |
 Python | aws_cdk.aws_secretsmanager.RotationScheduleProps |
 TypeScript (source) | @aws-cdk/aws-secretsmanager » RotationScheduleProps |
Construction properties for a RotationSchedule.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import * as lambda from '@aws-cdk/aws-lambda';
import * as secretsmanager from '@aws-cdk/aws-secretsmanager';
import * as cdk from '@aws-cdk/core';
declare const function_: lambda.Function;
declare const hostedRotation: secretsmanager.HostedRotation;
declare const secret: secretsmanager.Secret;
const rotationScheduleProps: secretsmanager.RotationScheduleProps = {
secret: secret,
// the properties below are optional
automaticallyAfter: cdk.Duration.minutes(30),
hostedRotation: hostedRotation,
rotationLambda: function_,
};
Properties
| Name | Type | Description |
|---|---|---|
| secret | ISecret | The secret to rotate. |
| automatically | Duration | Specifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation. |
| hosted | Hosted | Hosted rotation. |
| rotation | IFunction | A Lambda function that can rotate the secret. |
secret
Type:
ISecret
The secret to rotate.
If hosted rotation is used, this must be a JSON string with the following format:
{
"engine": <required: database engine>,
"host": <required: instance host name>,
"username": <required: username>,
"password": <required: password>,
"dbname": <optional: database name>,
"port": <optional: if not specified, default port will be used>,
"masterarn": <required for multi user rotation: the arn of the master secret which will be used to create users/change passwords>
}
This is typically the case for a secret referenced from an AWS::SecretsManager::SecretTargetAttachment
or an ISecret returned by the attach() method of Secret.
automaticallyAfter?
Type:
Duration
(optional, default: Duration.days(30))
Specifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation.
A value of zero will disable automatic rotation - Duration.days(0).
hostedRotation?
Type:
Hosted
(optional, default: either rotationLambda or hostedRotation must be specified)
Hosted rotation.
rotationLambda?
Type:
IFunction
(optional, default: either rotationLambda or hostedRotation must be specified)
A Lambda function that can rotate the secret.