Class CfnResourcePolicy
Attaches a resource-based permission policy to a secret.
Implements
Inherited Members
Namespace: Amazon.CDK.AWS.SecretsManager
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnResourcePolicy : CfnResource, IInspectable
Syntax (vb)
Public Class CfnResourcePolicy
Inherits CfnResource
Implements IInspectable
Remarks
A resource-based policy is optional. If a secret already has a resource policy attached, you must first remove it before attaching a new policy using this CloudFormation resource. You can remove the policy using the console , CLI , or API . For more information, see Authentication and access control for Secrets Manager .
Required permissions: secretsmanager:PutResourcePolicy
, secretsmanager:GetResourcePolicy
. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager .
CloudformationResource: AWS::SecretsManager::ResourcePolicy
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.SecretsManager;
var resourcePolicy;
var cfnResourcePolicy = new CfnResourcePolicy(this, "MyCfnResourcePolicy", new CfnResourcePolicyProps {
ResourcePolicy = resourcePolicy,
SecretId = "secretId",
// the properties below are optional
BlockPublicPolicy = false
});
Synopsis
Constructors
CfnResourcePolicy(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
CfnResourcePolicy(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
CfnResourcePolicy(Construct, String, ICfnResourcePolicyProps) |
Properties
AttrId | The Arn of the secret. |
BlockPublicPolicy | Specifies whether to block resource-based policies that allow broad access to the secret. |
CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
CfnProperties | |
ResourcePolicy | A JSON-formatted string for an AWS resource-based policy. |
SecretId | The ARN or name of the secret to attach the resource-based policy. |
Methods
Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
RenderProperties(IDictionary<String, Object>) |
Constructors
CfnResourcePolicy(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected CfnResourcePolicy(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
CfnResourcePolicy(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected CfnResourcePolicy(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
CfnResourcePolicy(Construct, String, ICfnResourcePolicyProps)
public CfnResourcePolicy(Construct scope, string id, ICfnResourcePolicyProps props)
Parameters
- scope Constructs.Construct
Scope in which this resource is defined.
- id System.String
Construct identifier for this resource (unique in its scope).
- props ICfnResourcePolicyProps
Resource properties.
Properties
AttrId
The Arn of the secret.
public virtual string AttrId { get; }
Property Value
System.String
Remarks
CloudformationAttribute: Id
BlockPublicPolicy
Specifies whether to block resource-based policies that allow broad access to the secret.
public virtual object BlockPublicPolicy { get; set; }
Property Value
System.Object
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }
Property Value
System.String
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Overrides
ResourcePolicy
A JSON-formatted string for an AWS resource-based policy.
public virtual object ResourcePolicy { get; set; }
Property Value
System.Object
SecretId
The ARN or name of the secret to attach the resource-based policy.
public virtual string SecretId { get; set; }
Property Value
System.String
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)
Parameters
- inspector TreeInspector
tree inspector to collect and process attributes.
RenderProperties(IDictionary<String, Object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)
Parameters
- props System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
System.Collections.Generic.IDictionary<System.String, System.Object>