Class SecretStringValueBeta1
(deprecated) An experimental class used to specify an initial secret value for a Secret.
Inheritance
Namespace: Amazon.CDK.AWS.SecretsManager
Assembly: Amazon.CDK.AWS.SecretsManager.dll
Syntax (csharp)
public class SecretStringValueBeta1 : DeputyBase
Syntax (vb)
Public Class SecretStringValueBeta1
Inherits DeputyBase
Remarks
The class wraps a simple string (or JSON representation) in order to provide some safety checks and warnings about the dangers of using plaintext strings as initial secret seed values via CDK/CloudFormation.
Stability: Deprecated
ExampleMetadata: infused
Examples
// Creates a new IAM user, access and secret keys, and stores the secret access key in a Secret.
var user = new User(this, "User");
var accessKey = new AccessKey(this, "AccessKey", new AccessKeyProps { User = user });
var secretValue = SecretStringValueBeta1.FromToken(accessKey.SecretAccessKey.ToString());
new Secret(this, "Secret", new SecretProps {
SecretStringBeta1 = secretValue
});
Synopsis
Constructors
SecretStringValueBeta1(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
SecretStringValueBeta1(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
Methods
FromToken(String) | (deprecated) Creates a |
FromUnsafePlaintext(String) | (deprecated) Creates a |
SecretValue() | (deprecated) Returns the secret value. |
Constructors
SecretStringValueBeta1(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected SecretStringValueBeta1(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
SecretStringValueBeta1(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected SecretStringValueBeta1(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
Methods
FromToken(String)
(deprecated) Creates a SecretValueValueBeta1
from a string value coming from a Token.
public static SecretStringValueBeta1 FromToken(string secretValueFromToken)
Parameters
- secretValueFromToken System.String
a secret value coming from a Construct attribute or Custom Resource output.
Returns
Remarks
The intent is to enable creating secrets from references (e.g., Ref
, Fn::GetAtt
) from other resources.
This might be the direct output of another Construct, or the output of a Custom Resource.
This method throws if it determines the input is an unsafe plaintext string.
For example:
// Creates a new IAM user, access and secret keys, and stores the secret access key in a Secret.
var user = new User(this, "User");
var accessKey = new AccessKey(this, "AccessKey", new AccessKeyProps { User = user });
var secretValue = SecretStringValueBeta1.FromToken(accessKey.SecretAccessKey.ToString());
new Secret(this, "Secret", new SecretProps {
SecretStringBeta1 = secretValue
});
The secret may also be embedded in a string representation of a JSON structure:
var user = new User(this, "User");
var accessKey = new AccessKey(this, "AccessKey", new AccessKeyProps { User = user });
var secretValue = SecretStringValueBeta1.FromToken(JSON.Stringify(new Dictionary<string, object> {
{ "username", user.UserName },
{ "database", "foo" },
{ "password", accessKey.SecretAccessKey.UnsafeUnwrap() }
}));
Note that the value being a Token does not guarantee safety. For example, a Lazy-evaluated string
(e.g., Lazy.string({ produce: () => 'myInsecurePassword' }))
) is a Token, but as the output is
ultimately a plaintext string, and so insecure.
Stability: Deprecated
FromUnsafePlaintext(String)
(deprecated) Creates a SecretStringValueBeta1
from a plaintext value.
public static SecretStringValueBeta1 FromUnsafePlaintext(string secretValue)
Parameters
- secretValue System.String
Returns
Remarks
This approach is inherently unsafe, as the secret value may be visible in your source control repository and will also appear in plaintext in the resulting CloudFormation template, including in the AWS Console or APIs. Usage of this method is discouraged, especially for production workloads.
Stability: Deprecated
SecretValue()
(deprecated) Returns the secret value.
public virtual string SecretValue()
Returns
System.String
Remarks
Stability: Deprecated