Class CfnResourcePolicy
- All Implemented Interfaces:
IConstruct
,IDependable
,IInspectable
,software.amazon.jsii.JsiiSerializable
,software.constructs.IConstruct
AWS::SecretsManager::ResourcePolicy
.
Attaches a resource-based permission policy to a secret. A resource-based policy is optional. For more information, see Authentication and access control for Secrets Manager
For information about attaching a policy in the console, see Attach a permissions policy to a secret .
Required permissions: secretsmanager:PutResourcePolicy
. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager .
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import software.amazon.awscdk.services.secretsmanager.*; Object resourcePolicy; CfnResourcePolicy cfnResourcePolicy = CfnResourcePolicy.Builder.create(this, "MyCfnResourcePolicy") .resourcePolicy(resourcePolicy) .secretId("secretId") // the properties below are optional .blockPublicPolicy(false) .build();
-
Nested Class Summary
Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationMode
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct
IConstruct.Jsii$Default
Nested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$Default
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IInspectable
IInspectable.Jsii$Default, IInspectable.Jsii$Proxy
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
The CloudFormation resource type name for this resource class. -
Constructor Summary
ModifierConstructorDescriptionCfnResourcePolicy
(Construct scope, String id, CfnResourcePolicyProps props) Create a newAWS::SecretsManager::ResourcePolicy
.protected
CfnResourcePolicy
(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protected
CfnResourcePolicy
(software.amazon.jsii.JsiiObjectRef objRef) -
Method Summary
Modifier and TypeMethodDescriptionSpecifies whether to block resource-based policies that allow broad access to the secret.A JSON-formatted string for an AWS resource-based policy.The ARN or name of the secret to attach the resource-based policy.void
inspect
(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.renderProperties
(Map<String, Object> props) void
setBlockPublicPolicy
(Boolean value) Specifies whether to block resource-based policies that allow broad access to the secret.void
setBlockPublicPolicy
(IResolvable value) Specifies whether to block resource-based policies that allow broad access to the secret.void
setResourcePolicy
(Object value) A JSON-formatted string for an AWS resource-based policy.void
setSecretId
(String value) The ARN or name of the secret to attach the resource-based policy.Methods inherited from class software.amazon.awscdk.core.CfnResource
addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validateProperties
Methods inherited from class software.amazon.awscdk.core.CfnRefElement
getRef
Methods inherited from class software.amazon.awscdk.core.CfnElement
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId
Methods inherited from class software.amazon.awscdk.core.Construct
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate
Methods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Field Details
-
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
-
-
Constructor Details
-
CfnResourcePolicy
protected CfnResourcePolicy(software.amazon.jsii.JsiiObjectRef objRef) -
CfnResourcePolicy
protected CfnResourcePolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
CfnResourcePolicy
@Stability(Stable) public CfnResourcePolicy(@NotNull Construct scope, @NotNull String id, @NotNull CfnResourcePolicyProps props) Create a newAWS::SecretsManager::ResourcePolicy
.- Parameters:
scope
-- scope in which this resource is defined.
id
-- scoped id of the resource.
props
-- resource properties.
-
-
Method Details
-
inspect
Examines the CloudFormation resource and discloses attributes.- Specified by:
inspect
in interfaceIInspectable
- Parameters:
inspector
-- tree inspector to collect and process attributes.
-
renderProperties
@Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String, Object> props) - Overrides:
renderProperties
in classCfnResource
- Parameters:
props
- This parameter is required.
-
getCfnProperties
- Overrides:
getCfnProperties
in classCfnResource
-
getResourcePolicy
A JSON-formatted string for an AWS resource-based policy.For example policies, see Permissions policy examples .
-
setResourcePolicy
A JSON-formatted string for an AWS resource-based policy.For example policies, see Permissions policy examples .
-
getSecretId
The ARN or name of the secret to attach the resource-based policy.For an ARN, we recommend that you specify a complete ARN rather than a partial ARN.
-
setSecretId
The ARN or name of the secret to attach the resource-based policy.For an ARN, we recommend that you specify a complete ARN rather than a partial ARN.
-
getBlockPublicPolicy
Specifies whether to block resource-based policies that allow broad access to the secret.By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.
-
setBlockPublicPolicy
Specifies whether to block resource-based policies that allow broad access to the secret.By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.
-
setBlockPublicPolicy
Specifies whether to block resource-based policies that allow broad access to the secret.By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.
-