SecretAttributes
- class aws_cdk.aws_secretsmanager.SecretAttributes(*, encryption_key=None, secret_complete_arn=None, secret_partial_arn=None)
Bases:
objectAttributes required to import an existing secret into the Stack.
One ARN format (
secretArn,secretCompleteArn,secretPartialArn) must be provided.- Parameters:
encryption_key (
Optional[IKey]) – The encryption key that is used to encrypt the secret, unless the default SecretsManager key is used.secret_complete_arn (
Optional[str]) – The complete ARN of the secret in SecretsManager. This is the ARN including the Secrets Manager 6-character suffix. Cannot be used withsecretArnorsecretPartialArn.secret_partial_arn (
Optional[str]) – The partial ARN of the secret in SecretsManager. This is the ARN without the Secrets Manager 6-character suffix. Cannot be used withsecretArnorsecretCompleteArn.
- ExampleMetadata:
infused
Example:
userpool = cognito.UserPool(self, "Pool") secret = secretsmanager.Secret.from_secret_attributes(self, "CognitoClientSecret", secret_complete_arn="arn:aws:secretsmanager:xxx:xxx:secret:xxx-xxx" ).secret_value provider = cognito.UserPoolIdentityProviderGoogle(self, "Google", client_id="amzn-client-id", client_secret_value=secret, user_pool=userpool )
Attributes
- encryption_key
The encryption key that is used to encrypt the secret, unless the default SecretsManager key is used.
- secret_complete_arn
The complete ARN of the secret in SecretsManager.
This is the ARN including the Secrets Manager 6-character suffix. Cannot be used with
secretArnorsecretPartialArn.
- secret_partial_arn
The partial ARN of the secret in SecretsManager.
This is the ARN without the Secrets Manager 6-character suffix. Cannot be used with
secretArnorsecretCompleteArn.