software.amazon.awscdk.services.secretsmanager

Class ISecret.Jsii$Proxy

java.lang.Object

software.amazon.jsii.JsiiObject

software.amazon.awscdk.services.secretsmanager.ISecret.Jsii$Proxy

All Implemented Interfaces:

IConstruct, IConstruct.Jsii$Default, IDependable, IDependable.Jsii$Default, IResource, IResource.Jsii$Default, ISecret, ISecret.Jsii$Default

Enclosing interface:

ISecret

public static final class ISecret.Jsii$Proxy
extends software.amazon.jsii.JsiiObject
implements ISecret.Jsii$Default

A proxy class which represents a concrete javascript instance of this type.

Nested Class Summary

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.secretsmanager.ISecret

ISecret.Jsii$Default, ISecret.Jsii$Proxy

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method and Description
RotationSchedule	addRotationSchedule(java.lang.String id, RotationScheduleOptions options) Adds a rotation schedule to the secret.
AddToResourcePolicyResult	addToResourcePolicy(PolicyStatement statement) Adds a statement to the IAM resource policy associated with this secret.
void	applyRemovalPolicy(RemovalPolicy policy) Apply the given removal policy to this resource.
ISecret	attach(ISecretAttachmentTarget target) Attach a target to this secret.
void	denyAccountRootDelete() Denies the `DeleteSecret` action to all principals within the current account.
IKey	getEncryptionKey() The customer-managed encryption key that is used to encrypt this secret, if any.
ResourceEnvironment	getEnv() The environment this resource belongs to.
ConstructNode	getNode() The construct tree node for this construct.
java.lang.String	getSecretArn() The ARN of the secret in AWS Secrets Manager.
java.lang.String	getSecretFullArn() The full ARN of the secret in AWS Secrets Manager, which is the ARN including the Secrets Manager-supplied 6-character suffix.
java.lang.String	getSecretName() The name of the secret.
SecretValue	getSecretValue() Retrieve the value of the stored secret as a `SecretValue`.
Stack	getStack() The stack in which this resource is defined.
Grant	grantRead(IGrantable grantee) Grants reading the secret value to some role.
Grant	grantRead(IGrantable grantee, java.util.List<java.lang.String> versionStages) Grants reading the secret value to some role.
Grant	grantWrite(IGrantable grantee) Grants writing and updating the secret value to some role.
SecretValue	secretValueFromJson(java.lang.String key) Interpret the secret as a JSON object and return a field's value from it as a `SecretValue`.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Jsii$Proxy

protected Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef)

Method Detail

getNode

public final ConstructNode getNode()

The construct tree node for this construct.

Specified by:

getNode in interface IConstruct

Specified by:

getNode in interface IConstruct.Jsii$Default

Specified by:

getNode in interface IResource.Jsii$Default

Specified by:

getNode in interface ISecret.Jsii$Default

getEnv

public final ResourceEnvironment getEnv()

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.

Specified by:

getEnv in interface IResource

Specified by:

getEnv in interface IResource.Jsii$Default

Specified by:

getEnv in interface ISecret.Jsii$Default

getStack

public final Stack getStack()

The stack in which this resource is defined.

Specified by:

getStack in interface IResource

Specified by:

getStack in interface IResource.Jsii$Default

Specified by:

getStack in interface ISecret.Jsii$Default

getSecretArn

public final java.lang.String getSecretArn()

The ARN of the secret in AWS Secrets Manager.

Will return the full ARN if available, otherwise a partial arn. For secrets imported by the deprecated fromSecretName, it will return the secretName.

Specified by:

getSecretArn in interface ISecret

Specified by:

getSecretArn in interface ISecret.Jsii$Default

getSecretName

public final java.lang.String getSecretName()

The name of the secret.

For "owned" secrets, this will be the full resource name (secret name + suffix), unless the '@aws-cdk/aws-secretsmanager:parseOwnedSecretName' feature flag is set.

Specified by:

getSecretName in interface ISecret

Specified by:

getSecretName in interface ISecret.Jsii$Default

getSecretValue

public final SecretValue getSecretValue()

Retrieve the value of the stored secret as a `SecretValue`.

Specified by:

getSecretValue in interface ISecret

Specified by:

getSecretValue in interface ISecret.Jsii$Default

getEncryptionKey

public final IKey getEncryptionKey()

The customer-managed encryption key that is used to encrypt this secret, if any.

When not specified, the default KMS key for the account and region is being used.

Specified by:

getEncryptionKey in interface ISecret

Specified by:

getEncryptionKey in interface ISecret.Jsii$Default

getSecretFullArn

public final java.lang.String getSecretFullArn()

The full ARN of the secret in AWS Secrets Manager, which is the ARN including the Secrets Manager-supplied 6-character suffix.

This is equal to secretArn in most cases, but is undefined when a full ARN is not available (e.g., secrets imported by name).

Specified by:

getSecretFullArn in interface ISecret

Specified by:

getSecretFullArn in interface ISecret.Jsii$Default

applyRemovalPolicy

public final void applyRemovalPolicy(RemovalPolicy policy)

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).

Specified by:

applyRemovalPolicy in interface IResource

Specified by:

applyRemovalPolicy in interface IResource.Jsii$Default

Specified by:

applyRemovalPolicy in interface ISecret.Jsii$Default

Parameters:

policy - This parameter is required.

addRotationSchedule

public final RotationSchedule addRotationSchedule(java.lang.String id,
                                                  RotationScheduleOptions options)

Adds a rotation schedule to the secret.

Specified by:

addRotationSchedule in interface ISecret

Specified by:

addRotationSchedule in interface ISecret.Jsii$Default

Parameters:

id - This parameter is required.

options - This parameter is required.

addToResourcePolicy

public final AddToResourcePolicyResult addToResourcePolicy(PolicyStatement statement)

Adds a statement to the IAM resource policy associated with this secret.

If this secret was created in this stack, a resource policy will be automatically created upon the first call to addToResourcePolicy. If the secret is imported, then this is a no-op.

Specified by:

addToResourcePolicy in interface ISecret

Specified by:

addToResourcePolicy in interface ISecret.Jsii$Default

Parameters:

statement - This parameter is required.

attach

public final ISecret attach(ISecretAttachmentTarget target)

Attach a target to this secret.

Specified by:

attach in interface ISecret

Specified by:

attach in interface ISecret.Jsii$Default

Parameters:

target - The target to attach. This parameter is required.

Returns:

An attached secret

denyAccountRootDelete

public final void denyAccountRootDelete()

Denies the `DeleteSecret` action to all principals within the current account.

Specified by:

denyAccountRootDelete in interface ISecret

Specified by:

denyAccountRootDelete in interface ISecret.Jsii$Default

grantRead

public final Grant grantRead(IGrantable grantee,
                             java.util.List<java.lang.String> versionStages)

Grants reading the secret value to some role.

Specified by:

grantRead in interface ISecret

Specified by:

grantRead in interface ISecret.Jsii$Default

Parameters:

grantee - the principal being granted permission. This parameter is required.

versionStages - the version stages the grant is limited to.

grantRead

public final Grant grantRead(IGrantable grantee)

Grants reading the secret value to some role.

Specified by:

grantRead in interface ISecret

Parameters:

grantee - the principal being granted permission. This parameter is required.

grantWrite

public final Grant grantWrite(IGrantable grantee)

Grants writing and updating the secret value to some role.

Specified by:

grantWrite in interface ISecret

Specified by:

grantWrite in interface ISecret.Jsii$Default

Parameters:

grantee - the principal being granted permission. This parameter is required.

secretValueFromJson

public final SecretValue secretValueFromJson(java.lang.String key)

Interpret the secret as a JSON object and return a field's value from it as a `SecretValue`.

Specified by:

secretValueFromJson in interface ISecret

Specified by:

secretValueFromJson in interface ISecret.Jsii$Default

Parameters:

key - This parameter is required.