Interface CfnRotationSchedule.IRotationRulesProperty
The rotation schedule and window.
Namespace: Amazon.CDK.AWS.SecretsManager
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface IRotationRulesProperty
Syntax (vb)
Public Interface IRotationRulesProperty
Remarks
We recommend you use ScheduleExpression
to set a cron or rate expression for the schedule and Duration
to set the length of the rotation window.
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.SecretsManager;
var rotationRulesProperty = new RotationRulesProperty {
AutomaticallyAfterDays = 123,
Duration = "duration",
ScheduleExpression = "scheduleExpression"
};
Synopsis
Properties
AutomaticallyAfterDays | The number of days between automatic scheduled rotations of the secret. |
Duration | The length of the rotation window in hours, for example |
ScheduleExpression | A |
Properties
AutomaticallyAfterDays
The number of days between automatic scheduled rotations of the secret.
virtual Nullable<double> AutomaticallyAfterDays { get; }
Property Value
System.Nullable<System.Double>
Remarks
You can use this value to check that your secret meets your compliance guidelines for how often secrets must be rotated.
In DescribeSecret
and ListSecrets
, this value is calculated from the rotation schedule after every successful rotation. In RotateSecret
, you can set the rotation schedule in RotationRules
with AutomaticallyAfterDays
or ScheduleExpression
, but not both.
Duration
The length of the rotation window in hours, for example 3h
for a three hour window.
virtual string Duration { get; }
Property Value
System.String
Remarks
Secrets Manager rotates your secret at any time during this window. The window must not extend into the next rotation window or the next UTC day. The window starts according to the ScheduleExpression
. If you don't specify a Duration
, for a ScheduleExpression
in hours, the window automatically closes after one hour. For a ScheduleExpression
in days, the window automatically closes at the end of the UTC day. For more information, including examples, see Schedule expressions in Secrets Manager rotation in the Secrets Manager Users Guide .
ScheduleExpression
A cron()
or rate()
expression that defines the schedule for rotating your secret.
virtual string ScheduleExpression { get; }
Property Value
System.String
Remarks
Secrets Manager rotation schedules use UTC time zone. Secrets Manager rotates your secret any time during a rotation window.
Secrets Manager rate()
expressions represent the interval in hours or days that you want to rotate your secret, for example rate(12 hours)
or rate(10 days)
. You can rotate a secret as often as every four hours. If you use a rate()
expression, the rotation window starts at midnight. For a rate in hours, the default rotation window closes after one hour. For a rate in days, the default rotation window closes at the end of the day. You can set the Duration
to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.
You can use a cron()
expression to create a rotation schedule that is more detailed than a rotation interval. For more information, including examples, see Schedule expressions in Secrets Manager rotation in the Secrets Manager Users Guide . For a cron expression that represents a schedule in hours, the default rotation window closes after one hour. For a cron expression that represents a schedule in days, the default rotation window closes at the end of the day. You can set the Duration
to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.