Interface ISecretTargetAttachment.Jsii$Default
- All Superinterfaces:
IConstruct
,software.constructs.IConstruct
,IConstruct.Jsii$Default
,software.constructs.IConstruct.Jsii$Default
,IDependable
,IDependable.Jsii$Default
,IResource
,IResource.Jsii$Default
,ISecret
,ISecret.Jsii$Default
,ISecretTargetAttachment
,software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
ISecretTargetAttachment.Jsii$Proxy
- Enclosing interface:
- ISecretTargetAttachment
ISecretTargetAttachment
.-
Nested Class Summary
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct
IConstruct.Jsii$Default, IConstruct.Jsii$Proxy
Nested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$Default, software.constructs.IConstruct.Jsii$Proxy
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IDependable
IDependable.Jsii$Default, IDependable.Jsii$Proxy
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IResource
IResource.Jsii$Default, IResource.Jsii$Proxy
Nested classes/interfaces inherited from interface software.amazon.awscdk.services.secretsmanager.ISecret
ISecret.Jsii$Default, ISecret.Jsii$Proxy
Nested classes/interfaces inherited from interface software.amazon.awscdk.services.secretsmanager.ISecretTargetAttachment
ISecretTargetAttachment.Jsii$Default, ISecretTargetAttachment.Jsii$Proxy
-
Method Summary
Modifier and TypeMethodDescriptiondefault RotationSchedule
addRotationSchedule
(String id, RotationScheduleOptions options) Adds a rotation schedule to the secret.default AddToResourcePolicyResult
addToResourcePolicy
(PolicyStatement statement) Adds a statement to the IAM resource policy associated with this secret.default void
applyRemovalPolicy
(RemovalPolicy policy) Apply the given removal policy to this resource.default ISecret
attach
(ISecretAttachmentTarget target) Attach a target to this secret.default void
Denies theDeleteSecret
action to all principals within the current account.default IKey
The customer-managed encryption key that is used to encrypt this secret, if any.default ResourceEnvironment
getEnv()
The environment this resource belongs to.default ConstructNode
getNode()
The construct tree node for this construct.default String
The ARN of the secret in AWS Secrets Manager.default String
The full ARN of the secret in AWS Secrets Manager, which is the ARN including the Secrets Manager-supplied 6-character suffix.default String
The name of the secret.default String
Same assecretArn
.default SecretValue
Retrieve the value of the stored secret as aSecretValue
.default Stack
getStack()
The stack in which this resource is defined.default Grant
grantRead
(IGrantable grantee, List<String> versionStages) Grants reading the secret value to some role.default Grant
grantWrite
(IGrantable grantee) Grants writing and updating the secret value to some role.default SecretValue
Interpret the secret as a JSON object and return a field's value from it as aSecretValue
.Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getNode
The construct tree node for this construct.- Specified by:
getNode
in interfaceIConstruct
- Specified by:
getNode
in interfaceIConstruct.Jsii$Default
- Specified by:
getNode
in interfaceIResource.Jsii$Default
- Specified by:
getNode
in interfaceISecret.Jsii$Default
-
getEnv
The environment this resource belongs to.For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
- Specified by:
getEnv
in interfaceIResource
- Specified by:
getEnv
in interfaceIResource.Jsii$Default
- Specified by:
getEnv
in interfaceISecret.Jsii$Default
-
getStack
The stack in which this resource is defined.- Specified by:
getStack
in interfaceIResource
- Specified by:
getStack
in interfaceIResource.Jsii$Default
- Specified by:
getStack
in interfaceISecret.Jsii$Default
-
getSecretArn
The ARN of the secret in AWS Secrets Manager.Will return the full ARN if available, otherwise a partial arn. For secrets imported by the deprecated
fromSecretName
, it will return thesecretName
.- Specified by:
getSecretArn
in interfaceISecret
- Specified by:
getSecretArn
in interfaceISecret.Jsii$Default
-
getSecretName
The name of the secret.For "owned" secrets, this will be the full resource name (secret name + suffix), unless the '@aws-cdk/aws-secretsmanager:parseOwnedSecretName' feature flag is set.
- Specified by:
getSecretName
in interfaceISecret
- Specified by:
getSecretName
in interfaceISecret.Jsii$Default
-
getSecretValue
Retrieve the value of the stored secret as aSecretValue
.- Specified by:
getSecretValue
in interfaceISecret
- Specified by:
getSecretValue
in interfaceISecret.Jsii$Default
-
getEncryptionKey
The customer-managed encryption key that is used to encrypt this secret, if any.When not specified, the default KMS key for the account and region is being used.
- Specified by:
getEncryptionKey
in interfaceISecret
- Specified by:
getEncryptionKey
in interfaceISecret.Jsii$Default
-
getSecretFullArn
The full ARN of the secret in AWS Secrets Manager, which is the ARN including the Secrets Manager-supplied 6-character suffix.This is equal to
secretArn
in most cases, but is undefined when a full ARN is not available (e.g., secrets imported by name).- Specified by:
getSecretFullArn
in interfaceISecret
- Specified by:
getSecretFullArn
in interfaceISecret.Jsii$Default
-
getSecretTargetAttachmentSecretArn
Same assecretArn
.- Specified by:
getSecretTargetAttachmentSecretArn
in interfaceISecretTargetAttachment
-
applyRemovalPolicy
Apply the given removal policy to this resource.The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (
RemovalPolicy.DESTROY
), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN
).- Specified by:
applyRemovalPolicy
in interfaceIResource
- Specified by:
applyRemovalPolicy
in interfaceIResource.Jsii$Default
- Specified by:
applyRemovalPolicy
in interfaceISecret.Jsii$Default
- Parameters:
policy
- This parameter is required.
-
addRotationSchedule
@Stability(Stable) @NotNull default RotationSchedule addRotationSchedule(@NotNull String id, @NotNull RotationScheduleOptions options) Adds a rotation schedule to the secret.- Specified by:
addRotationSchedule
in interfaceISecret
- Specified by:
addRotationSchedule
in interfaceISecret.Jsii$Default
- Parameters:
id
- This parameter is required.options
- This parameter is required.
-
addToResourcePolicy
@Stability(Stable) @NotNull default AddToResourcePolicyResult addToResourcePolicy(@NotNull PolicyStatement statement) Adds a statement to the IAM resource policy associated with this secret.If this secret was created in this stack, a resource policy will be automatically created upon the first call to
addToResourcePolicy
. If the secret is imported, then this is a no-op.- Specified by:
addToResourcePolicy
in interfaceISecret
- Specified by:
addToResourcePolicy
in interfaceISecret.Jsii$Default
- Parameters:
statement
- This parameter is required.
-
attach
Attach a target to this secret.- Specified by:
attach
in interfaceISecret
- Specified by:
attach
in interfaceISecret.Jsii$Default
- Parameters:
target
- The target to attach. This parameter is required.- Returns:
- An attached secret
-
denyAccountRootDelete
@Stability(Stable) default void denyAccountRootDelete()Denies theDeleteSecret
action to all principals within the current account.- Specified by:
denyAccountRootDelete
in interfaceISecret
- Specified by:
denyAccountRootDelete
in interfaceISecret.Jsii$Default
-
grantRead
@Stability(Stable) @NotNull default Grant grantRead(@NotNull IGrantable grantee, @Nullable List<String> versionStages) Grants reading the secret value to some role.- Specified by:
grantRead
in interfaceISecret
- Specified by:
grantRead
in interfaceISecret.Jsii$Default
- Parameters:
grantee
- the principal being granted permission. This parameter is required.versionStages
- the version stages the grant is limited to.
-
grantWrite
Grants writing and updating the secret value to some role.- Specified by:
grantWrite
in interfaceISecret
- Specified by:
grantWrite
in interfaceISecret.Jsii$Default
- Parameters:
grantee
- the principal being granted permission. This parameter is required.
-
secretValueFromJson
Interpret the secret as a JSON object and return a field's value from it as aSecretValue
.- Specified by:
secretValueFromJson
in interfaceISecret
- Specified by:
secretValueFromJson
in interfaceISecret.Jsii$Default
- Parameters:
key
- This parameter is required.
-