software.amazon.awscdk.services.secretsmanager

Interface CfnRotationSchedule.HostedRotationLambdaProperty

All Known Implementing Classes:

CfnRotationSchedule.HostedRotationLambdaProperty.Jsii$Proxy

Enclosing class:

CfnRotationSchedule

public static interface CfnRotationSchedule.HostedRotationLambdaProperty

Creates a new Lambda rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) .

You must specify Transform: AWS::SecretsManager-2020-07-23 at the beginning of the CloudFormation template.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.secretsmanager.*;
 HostedRotationLambdaProperty hostedRotationLambdaProperty = HostedRotationLambdaProperty.builder()
         .rotationType("rotationType")
         // the properties below are optional
         .excludeCharacters("excludeCharacters")
         .kmsKeyArn("kmsKeyArn")
         .masterSecretArn("masterSecretArn")
         .masterSecretKmsKeyArn("masterSecretKmsKeyArn")
         .rotationLambdaName("rotationLambdaName")
         .superuserSecretArn("superuserSecretArn")
         .superuserSecretKmsKeyArn("superuserSecretKmsKeyArn")
         .vpcSecurityGroupIds("vpcSecurityGroupIds")
         .vpcSubnetIds("vpcSubnetIds")
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface and Description
static class	CfnRotationSchedule.HostedRotationLambdaProperty.Builder A builder for CfnRotationSchedule.HostedRotationLambdaProperty
static class	CfnRotationSchedule.HostedRotationLambdaProperty.Jsii$Proxy An implementation for CfnRotationSchedule.HostedRotationLambdaProperty

Method Summary

Modifier and Type	Method and Description
static CfnRotationSchedule.HostedRotationLambdaProperty.Builder	builder()
default java.lang.String	getExcludeCharacters() A string of the characters that you don't want in the password.
default java.lang.String	getKmsKeyArn() The ARN of the KMS key that Secrets Manager uses to encrypt the secret.
default java.lang.String	getMasterSecretArn() The ARN of the secret that contains elevated credentials.
default java.lang.String	getMasterSecretKmsKeyArn() The ARN of the KMS key that Secrets Manager uses to encrypt the elevated secret if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) .
default java.lang.String	getRotationLambdaName() The name of the Lambda rotation function.
java.lang.String	getRotationType() The rotation template to base the rotation function on, one of the following:.
default java.lang.String	getSuperuserSecretArn() The ARN of the secret that contains elevated credentials.
default java.lang.String	getSuperuserSecretKmsKeyArn() The ARN of the KMS key that Secrets Manager uses to encrypt the elevated secret if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) .
default java.lang.String	getVpcSecurityGroupIds() A comma-separated list of security group IDs applied to the target database.
default java.lang.String	getVpcSubnetIds() A comma separated list of VPC subnet IDs of the target database network.

Method Detail

getRotationType

java.lang.String getRotationType()

The rotation template to base the rotation function on, one of the following:.

• MySQLSingleUser to use the template SecretsManagerRDSMySQLRotationSingleUser .
• MySQLMultiUser to use the template SecretsManagerRDSMySQLRotationMultiUser .
• PostgreSQLSingleUser to use the template SecretsManagerRDSPostgreSQLRotationSingleUser
• PostgreSQLMultiUser to use the template SecretsManagerRDSPostgreSQLRotationMultiUser .
• OracleSingleUser to use the template SecretsManagerRDSOracleRotationSingleUser .
• OracleMultiUser to use the template SecretsManagerRDSOracleRotationMultiUser .
• MariaDBSingleUser to use the template SecretsManagerRDSMariaDBRotationSingleUser .
• MariaDBMultiUser to use the template SecretsManagerRDSMariaDBRotationMultiUser .
• SQLServerSingleUser to use the template SecretsManagerRDSSQLServerRotationSingleUser .
• SQLServerMultiUser to use the template SecretsManagerRDSSQLServerRotationMultiUser .
• RedshiftSingleUser to use the template SecretsManagerRedshiftRotationSingleUsr .
• RedshiftMultiUser to use the template SecretsManagerRedshiftRotationMultiUser .
• MongoDBSingleUser to use the template SecretsManagerMongoDBRotationSingleUser .
• MongoDBMultiUser to use the template SecretsManagerMongoDBRotationMultiUser .

getExcludeCharacters

default java.lang.String getExcludeCharacters()

A string of the characters that you don't want in the password.

getKmsKeyArn

default java.lang.String getKmsKeyArn()

The ARN of the KMS key that Secrets Manager uses to encrypt the secret.

If you don't specify this value, then Secrets Manager uses the key aws/secretsmanager . If aws/secretsmanager doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.

getMasterSecretArn

default java.lang.String getMasterSecretArn()

The ARN of the secret that contains elevated credentials.

You must create the elevated secret before you can set this property. The Lambda rotation function uses this secret for the Alternating users rotation strategy .

getMasterSecretKmsKeyArn

default java.lang.String getMasterSecretKmsKeyArn()

The ARN of the KMS key that Secrets Manager uses to encrypt the elevated secret if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . If you don't specify this value and you use the alternating users strategy, then Secrets Manager uses the key `aws/secretsmanager` . If `aws/secretsmanager` doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.

getRotationLambdaName

default java.lang.String getRotationLambdaName()

The name of the Lambda rotation function.

getSuperuserSecretArn

default java.lang.String getSuperuserSecretArn()

The ARN of the secret that contains elevated credentials.

You must create the superuser secret before you can set this property. The Lambda rotation function uses this secret for the Alternating users rotation strategy .

getSuperuserSecretKmsKeyArn

default java.lang.String getSuperuserSecretKmsKeyArn()

The ARN of the KMS key that Secrets Manager uses to encrypt the elevated secret if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . If you don't specify this value and you use the alternating users strategy, then Secrets Manager uses the key `aws/secretsmanager` . If `aws/secretsmanager` doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.

getVpcSecurityGroupIds

default java.lang.String getVpcSecurityGroupIds()

A comma-separated list of security group IDs applied to the target database.

The templates applies the same security groups as on the Lambda rotation function that is created as part of this stack.

getVpcSubnetIds

default java.lang.String getVpcSubnetIds()

A comma separated list of VPC subnet IDs of the target database network.

The Lambda rotation function is in the same subnet group.

builder

static CfnRotationSchedule.HostedRotationLambdaProperty.Builder builder()

Returns:

a CfnRotationSchedule.HostedRotationLambdaProperty.Builder of CfnRotationSchedule.HostedRotationLambdaProperty