public static final class ISecret.Jsii$Proxy extends software.amazon.jsii.JsiiObject implements ISecret.Jsii$Default
ISecret.Jsii$Default, ISecret.Jsii$Proxy
Modifier | Constructor and Description |
---|---|
protected |
Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef) |
Modifier and Type | Method and Description |
---|---|
RotationSchedule |
addRotationSchedule(java.lang.String id,
RotationScheduleOptions options)
Adds a rotation schedule to the secret.
|
AddToResourcePolicyResult |
addToResourcePolicy(PolicyStatement statement)
Adds a statement to the IAM resource policy associated with this secret.
|
void |
applyRemovalPolicy(RemovalPolicy policy)
Apply the given removal policy to this resource.
|
ISecret |
attach(ISecretAttachmentTarget target)
Attach a target to this secret.
|
void |
denyAccountRootDelete()
Denies the `DeleteSecret` action to all principals within the current account.
|
IKey |
getEncryptionKey()
The customer-managed encryption key that is used to encrypt this secret, if any.
|
ResourceEnvironment |
getEnv()
The environment this resource belongs to.
|
ConstructNode |
getNode()
The construct tree node for this construct.
|
java.lang.String |
getSecretArn()
The ARN of the secret in AWS Secrets Manager.
|
java.lang.String |
getSecretFullArn()
The full ARN of the secret in AWS Secrets Manager, which is the ARN including the Secrets Manager-supplied 6-character suffix.
|
java.lang.String |
getSecretName()
The name of the secret.
|
SecretValue |
getSecretValue()
Retrieve the value of the stored secret as a `SecretValue`.
|
Stack |
getStack()
The stack in which this resource is defined.
|
Grant |
grantRead(IGrantable grantee)
Grants reading the secret value to some role.
|
Grant |
grantRead(IGrantable grantee,
java.util.List<java.lang.String> versionStages)
Grants reading the secret value to some role.
|
Grant |
grantWrite(IGrantable grantee)
Grants writing and updating the secret value to some role.
|
SecretValue |
secretValueFromJson(java.lang.String key)
Interpret the secret as a JSON object and return a field's value from it as a `SecretValue`.
|
public final ConstructNode getNode()
getNode
in interface IConstruct
getNode
in interface IConstruct.Jsii$Default
getNode
in interface IResource.Jsii$Default
getNode
in interface ISecret.Jsii$Default
public final ResourceEnvironment getEnv()
For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
getEnv
in interface IResource
getEnv
in interface IResource.Jsii$Default
getEnv
in interface ISecret.Jsii$Default
public final Stack getStack()
getStack
in interface IResource
getStack
in interface IResource.Jsii$Default
getStack
in interface ISecret.Jsii$Default
public final java.lang.String getSecretArn()
Will return the full ARN if available, otherwise a partial arn.
For secrets imported by the deprecated fromSecretName
, it will return the secretName
.
getSecretArn
in interface ISecret
getSecretArn
in interface ISecret.Jsii$Default
public final java.lang.String getSecretName()
For "owned" secrets, this will be the full resource name (secret name + suffix), unless the '@aws-cdk/aws-secretsmanager:parseOwnedSecretName' feature flag is set.
getSecretName
in interface ISecret
getSecretName
in interface ISecret.Jsii$Default
public final SecretValue getSecretValue()
getSecretValue
in interface ISecret
getSecretValue
in interface ISecret.Jsii$Default
public final IKey getEncryptionKey()
When not specified, the default KMS key for the account and region is being used.
getEncryptionKey
in interface ISecret
getEncryptionKey
in interface ISecret.Jsii$Default
public final java.lang.String getSecretFullArn()
This is equal to secretArn
in most cases, but is undefined when a full ARN is not available (e.g., secrets imported by name).
getSecretFullArn
in interface ISecret
getSecretFullArn
in interface ISecret.Jsii$Default
public final void applyRemovalPolicy(RemovalPolicy policy)
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY
), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN
).
applyRemovalPolicy
in interface IResource
applyRemovalPolicy
in interface IResource.Jsii$Default
applyRemovalPolicy
in interface ISecret.Jsii$Default
policy
- This parameter is required.public final RotationSchedule addRotationSchedule(java.lang.String id, RotationScheduleOptions options)
addRotationSchedule
in interface ISecret
addRotationSchedule
in interface ISecret.Jsii$Default
id
- This parameter is required.options
- This parameter is required.public final AddToResourcePolicyResult addToResourcePolicy(PolicyStatement statement)
If this secret was created in this stack, a resource policy will be
automatically created upon the first call to addToResourcePolicy
. If
the secret is imported, then this is a no-op.
addToResourcePolicy
in interface ISecret
addToResourcePolicy
in interface ISecret.Jsii$Default
statement
- This parameter is required.public final ISecret attach(ISecretAttachmentTarget target)
attach
in interface ISecret
attach
in interface ISecret.Jsii$Default
target
- The target to attach. This parameter is required.public final void denyAccountRootDelete()
denyAccountRootDelete
in interface ISecret
denyAccountRootDelete
in interface ISecret.Jsii$Default
public final Grant grantRead(IGrantable grantee, java.util.List<java.lang.String> versionStages)
grantRead
in interface ISecret
grantRead
in interface ISecret.Jsii$Default
grantee
- the principal being granted permission. This parameter is required.versionStages
- the version stages the grant is limited to.public final Grant grantRead(IGrantable grantee)
public final Grant grantWrite(IGrantable grantee)
grantWrite
in interface ISecret
grantWrite
in interface ISecret.Jsii$Default
grantee
- the principal being granted permission. This parameter is required.public final SecretValue secretValueFromJson(java.lang.String key)
secretValueFromJson
in interface ISecret
secretValueFromJson
in interface ISecret.Jsii$Default
key
- This parameter is required.