interface CfnResourcePolicyProps
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.SecretsManager.CfnResourcePolicyProps |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awssecretsmanager#CfnResourcePolicyProps |
 Java | software.amazon.awscdk.services.secretsmanager.CfnResourcePolicyProps |
 Python | aws_cdk.aws_secretsmanager.CfnResourcePolicyProps |
 TypeScript | aws-cdk-lib » aws_secretsmanager » CfnResourcePolicyProps |
Properties for defining a CfnResourcePolicy.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_secretsmanager as secretsmanager } from 'aws-cdk-lib';
declare const resourcePolicy: any;
const cfnResourcePolicyProps: secretsmanager.CfnResourcePolicyProps = {
resourcePolicy: resourcePolicy,
secretId: 'secretId',
// the properties below are optional
blockPublicPolicy: false,
};
Properties
| Name | Type | Description |
|---|---|---|
| resource | any | A JSON-formatted string for an AWS resource-based policy. |
| secret | string | The ARN or name of the secret to attach the resource-based policy. |
| block | boolean | IResolvable | Specifies whether to block resource-based policies that allow broad access to the secret. |
resourcePolicy
Type:
any
A JSON-formatted string for an AWS resource-based policy.
For example policies, see Permissions policy examples .
secretId
Type:
string
The ARN or name of the secret to attach the resource-based policy.
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN.
blockPublicPolicy?
Type:
boolean | IResolvable
(optional)
Specifies whether to block resource-based policies that allow broad access to the secret.
By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.