CfnResourcePolicyProps
- class aws_cdk.aws_secretsmanager.CfnResourcePolicyProps(*, resource_policy, secret_id, block_public_policy=None)
Bases:
object
Properties for defining a
CfnResourcePolicy
.- Parameters:
resource_policy (
Any
) – A JSON-formatted string for an AWS resource-based policy. For example policies, see Permissions policy examples .secret_id (
str
) – The ARN or name of the secret to attach the resource-based policy. For an ARN, we recommend that you specify a complete ARN rather than a partial ARN.block_public_policy (
Union
[bool
,IResolvable
,None
]) – Specifies whether to block resource-based policies that allow broad access to the secret. By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_secretsmanager as secretsmanager # resource_policy: Any cfn_resource_policy_props = secretsmanager.CfnResourcePolicyProps( resource_policy=resource_policy, secret_id="secretId", # the properties below are optional block_public_policy=False )
Attributes
- block_public_policy
Specifies whether to block resource-based policies that allow broad access to the secret.
By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.
- resource_policy
A JSON-formatted string for an AWS resource-based policy.
For example policies, see Permissions policy examples .
- secret_id
The ARN or name of the secret to attach the resource-based policy.
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN.