@Generated(value="jsii-pacmak/1.73.0 (build 6faeda3)", date="2023-01-31T18:36:54.951Z") public class CfnResourcePolicy extends CfnResource implements IInspectable
Attaches a resource-based permission policy to a secret. A resource-based policy is optional. For more information, see Authentication and access control for Secrets Manager
For information about attaching a policy in the console, see Attach a permissions policy to a secret .
Required permissions: secretsmanager:PutResourcePolicy
. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager .
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import software.amazon.awscdk.services.secretsmanager.*; Object resourcePolicy; CfnResourcePolicy cfnResourcePolicy = CfnResourcePolicy.Builder.create(this, "MyCfnResourcePolicy") .resourcePolicy(resourcePolicy) .secretId("secretId") // the properties below are optional .blockPublicPolicy(false) .build();
Modifier and Type | Class and Description |
---|---|
static class |
CfnResourcePolicy.Builder
A fluent builder for
CfnResourcePolicy . |
IInspectable.Jsii$Default, IInspectable.Jsii$Proxy
IConstruct.Jsii$Default
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
|
Modifier | Constructor and Description |
---|---|
|
CfnResourcePolicy(Construct scope,
java.lang.String id,
CfnResourcePolicyProps props)
Create a new `AWS::SecretsManager::ResourcePolicy`.
|
protected |
CfnResourcePolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
CfnResourcePolicy(software.amazon.jsii.JsiiObjectRef objRef) |
Modifier and Type | Method and Description |
---|---|
java.lang.Object |
getBlockPublicPolicy()
Specifies whether to block resource-based policies that allow broad access to the secret.
|
protected java.util.Map<java.lang.String,java.lang.Object> |
getCfnProperties() |
java.lang.Object |
getResourcePolicy()
A JSON-formatted string for an AWS resource-based policy.
|
java.lang.String |
getSecretId()
The ARN or name of the secret to attach the resource-based policy.
|
void |
inspect(TreeInspector inspector)
Examines the CloudFormation resource and discloses attributes.
|
protected java.util.Map<java.lang.String,java.lang.Object> |
renderProperties(java.util.Map<java.lang.String,java.lang.Object> props) |
void |
setBlockPublicPolicy(java.lang.Boolean value)
Specifies whether to block resource-based policies that allow broad access to the secret.
|
void |
setBlockPublicPolicy(IResolvable value)
Specifies whether to block resource-based policies that allow broad access to the secret.
|
void |
setResourcePolicy(java.lang.Object value)
A JSON-formatted string for an AWS resource-based policy.
|
void |
setSecretId(java.lang.String value)
The ARN or name of the secret to attach the resource-based policy.
|
addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validateProperties
getRef
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate
public static final java.lang.String CFN_RESOURCE_TYPE_NAME
protected CfnResourcePolicy(software.amazon.jsii.JsiiObjectRef objRef)
protected CfnResourcePolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
public CfnResourcePolicy(Construct scope, java.lang.String id, CfnResourcePolicyProps props)
scope
- - scope in which this resource is defined. This parameter is required.id
- - scoped id of the resource. This parameter is required.props
- - resource properties. This parameter is required.public void inspect(TreeInspector inspector)
inspect
in interface IInspectable
inspector
- - tree inspector to collect and process attributes. This parameter is required.protected java.util.Map<java.lang.String,java.lang.Object> renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)
renderProperties
in class CfnResource
props
- This parameter is required.protected java.util.Map<java.lang.String,java.lang.Object> getCfnProperties()
getCfnProperties
in class CfnResource
public java.lang.Object getResourcePolicy()
For example policies, see Permissions policy examples .
public void setResourcePolicy(java.lang.Object value)
For example policies, see Permissions policy examples .
public java.lang.String getSecretId()
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN.
public void setSecretId(java.lang.String value)
For an ARN, we recommend that you specify a complete ARN rather than a partial ARN.
public java.lang.Object getBlockPublicPolicy()
By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.
public void setBlockPublicPolicy(java.lang.Boolean value)
By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.
public void setBlockPublicPolicy(IResolvable value)
By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.