|node||The construct node in the tree.|
|secret||The ARN of the secret in AWS Secrets Manager.|
|secret||Same as |
|secret||Retrieve the value of the stored secret as a |
|stack||The stack in which this resource is defined.|
|encryption||The customer-managed encryption key that is used to encrypt this secret, if any.|
The construct node in the tree.
The ARN of the secret in AWS Secrets Manager.
Retrieve the value of the stored secret as a
The stack in which this resource is defined.
The customer-managed encryption key that is used to encrypt this secret, if any.
When not specified, the default KMS key for the account and region is being used.
|add||Adds a rotation schedule to the secret.|
|add||Adds a statement to the IAM resource policy associated with this secret.|
|deny||Denies the |
|grant||Grants reading the secret value to some role.|
|secret||Interpret the secret as a JSON object and return a field's value from it as a |
Rotation Schedule(id, options)
public addRotationSchedule(id: string, options: RotationScheduleOptions): RotationSchedule
Adds a rotation schedule to the secret.
To Resource Policy(statement)
public addToResourcePolicy(statement: PolicyStatement): void
Adds a statement to the IAM resource policy associated with this secret.
If this secret was created in this stack, a resource policy will be
automatically created upon the first call to
the secret is imported, then this is a no-op.
Account Root Delete()
public denyAccountRootDelete(): void
DeleteSecret action to all principals within the current account.
public grantRead(grantee: IGrantable, versionStages?: Array<string>): Grant
IGrantable— the principal being granted permission.
Array— the version stages the grant is limited to.
Grants reading the secret value to some role.
Value From Json(key)
public secretValueFromJson(key: string): SecretValue
Interpret the secret as a JSON object and return a field's value from it as a