software.amazon.awscdk.services.secretsmanager

Class CfnResourcePolicy

java.lang.Object

software.constructs.Construct

software.amazon.awscdk.core.Construct

software.amazon.awscdk.core.CfnElement

software.amazon.awscdk.core.CfnRefElement

software.amazon.awscdk.core.CfnResource

software.amazon.awscdk.services.secretsmanager.CfnResourcePolicy

All Implemented Interfaces:

IConstruct, IDependable, IInspectable

@Generated(value="jsii-pacmak/1.73.0 (build 6faeda3)",
           date="2023-01-31T18:36:54.951Z")
public class CfnResourcePolicy
extends CfnResource
implements IInspectable

A CloudFormation `AWS::SecretsManager::ResourcePolicy`.

Attaches a resource-based permission policy to a secret. A resource-based policy is optional. For more information, see Authentication and access control for Secrets Manager

For information about attaching a policy in the console, see Attach a permissions policy to a secret .

Required permissions: secretsmanager:PutResourcePolicy . For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager .

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.secretsmanager.*;
 Object resourcePolicy;
 CfnResourcePolicy cfnResourcePolicy = CfnResourcePolicy.Builder.create(this, "MyCfnResourcePolicy")
         .resourcePolicy(resourcePolicy)
         .secretId("secretId")
         // the properties below are optional
         .blockPublicPolicy(false)
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	CfnResourcePolicy.Builder A fluent builder for CfnResourcePolicy.

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IInspectable

IInspectable.Jsii$Default, IInspectable.Jsii$Proxy

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct

IConstruct.Jsii$Default

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	CFN_RESOURCE_TYPE_NAME The CloudFormation resource type name for this resource class.

Constructor Summary

Constructors

Modifier	Constructor and Description
	CfnResourcePolicy(Construct scope, java.lang.String id, CfnResourcePolicyProps props) Create a new `AWS::SecretsManager::ResourcePolicy`.
protected	CfnResourcePolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	CfnResourcePolicy(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method and Description
java.lang.Object	getBlockPublicPolicy() Specifies whether to block resource-based policies that allow broad access to the secret.
protected java.util.Map<java.lang.String,java.lang.Object>	getCfnProperties()
java.lang.Object	getResourcePolicy() A JSON-formatted string for an AWS resource-based policy.
java.lang.String	getSecretId() The ARN or name of the secret to attach the resource-based policy.
void	inspect(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.
protected java.util.Map<java.lang.String,java.lang.Object>	renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)
void	setBlockPublicPolicy(java.lang.Boolean value) Specifies whether to block resource-based policies that allow broad access to the secret.
void	setBlockPublicPolicy(IResolvable value) Specifies whether to block resource-based policies that allow broad access to the secret.
void	setResourcePolicy(java.lang.Object value) A JSON-formatted string for an AWS resource-based policy.
void	setSecretId(java.lang.String value) The ARN or name of the secret to attach the resource-based policy.

Methods inherited from class software.amazon.awscdk.core.CfnResource

addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validateProperties

Methods inherited from class software.amazon.awscdk.core.CfnRefElement

getRef

Methods inherited from class software.amazon.awscdk.core.CfnElement

getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId

Methods inherited from class software.amazon.awscdk.core.Construct

getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

CFN_RESOURCE_TYPE_NAME

public static final java.lang.String CFN_RESOURCE_TYPE_NAME

The CloudFormation resource type name for this resource class.

Constructor Detail

CfnResourcePolicy

protected CfnResourcePolicy(software.amazon.jsii.JsiiObjectRef objRef)

CfnResourcePolicy

protected CfnResourcePolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

CfnResourcePolicy

public CfnResourcePolicy(Construct scope,
                         java.lang.String id,
                         CfnResourcePolicyProps props)

Create a new `AWS::SecretsManager::ResourcePolicy`.

Parameters:

scope - - scope in which this resource is defined. This parameter is required.

id - - scoped id of the resource. This parameter is required.

props - - resource properties. This parameter is required.

Method Detail

inspect

public void inspect(TreeInspector inspector)

Examines the CloudFormation resource and discloses attributes.

Specified by:

inspect in interface IInspectable

Parameters:

inspector - - tree inspector to collect and process attributes. This parameter is required.

renderProperties

protected java.util.Map<java.lang.String,java.lang.Object> renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)

Overrides:

renderProperties in class CfnResource

Parameters:

props - This parameter is required.

getCfnProperties

protected java.util.Map<java.lang.String,java.lang.Object> getCfnProperties()

Overrides:

getCfnProperties in class CfnResource

getResourcePolicy

public java.lang.Object getResourcePolicy()

A JSON-formatted string for an AWS resource-based policy.

For example policies, see Permissions policy examples .

setResourcePolicy

public void setResourcePolicy(java.lang.Object value)

A JSON-formatted string for an AWS resource-based policy.

For example policies, see Permissions policy examples .

getSecretId

public java.lang.String getSecretId()

The ARN or name of the secret to attach the resource-based policy.

For an ARN, we recommend that you specify a complete ARN rather than a partial ARN.

setSecretId

public void setSecretId(java.lang.String value)

The ARN or name of the secret to attach the resource-based policy.

For an ARN, we recommend that you specify a complete ARN rather than a partial ARN.

getBlockPublicPolicy

public java.lang.Object getBlockPublicPolicy()

Specifies whether to block resource-based policies that allow broad access to the secret.

By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.

setBlockPublicPolicy

public void setBlockPublicPolicy(java.lang.Boolean value)

Specifies whether to block resource-based policies that allow broad access to the secret.

By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.

setBlockPublicPolicy

public void setBlockPublicPolicy(IResolvable value)

Specifies whether to block resource-based policies that allow broad access to the secret.

By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.