All Superinterfaces:
software.constructs.IConstruct, software.constructs.IDependable, IResource, software.amazon.jsii.JsiiSerializable
All Known Subinterfaces:
ISecret.Jsii$Default, ISecretTargetAttachment, ISecretTargetAttachment.Jsii$Default
All Known Implementing Classes:
DatabaseSecret, DatabaseSecret, DatabaseSecret, ISecret.Jsii$Proxy, ISecretTargetAttachment.Jsii$Proxy, Secret, SecretTargetAttachment

@Generated(value="jsii-pacmak/1.98.0 (build 00b106d)", date="2024-05-24T02:42:44.596Z") @Stability(Stable) public interface ISecret extends software.amazon.jsii.JsiiSerializable, IResource
A secret in AWS Secrets Manager.
  • Method Details

    • getSecretArn

      @Stability(Stable) @NotNull String getSecretArn()
      The ARN of the secret in AWS Secrets Manager.

      Will return the full ARN if available, otherwise a partial arn. For secrets imported by the deprecated fromSecretName, it will return the secretName.

    • getSecretName

      @Stability(Stable) @NotNull String getSecretName()
      The name of the secret.

      For "owned" secrets, this will be the full resource name (secret name + suffix), unless the '@aws-cdk/aws-secretsmanager:parseOwnedSecretName' feature flag is set.

    • getSecretValue

      @Stability(Stable) @NotNull SecretValue getSecretValue()
      Retrieve the value of the stored secret as a SecretValue.
    • getEncryptionKey

      @Stability(Stable) @Nullable default IKey getEncryptionKey()
      The customer-managed encryption key that is used to encrypt this secret, if any.

      When not specified, the default KMS key for the account and region is being used.

    • getSecretFullArn

      @Stability(Stable) @Nullable default String getSecretFullArn()
      The full ARN of the secret in AWS Secrets Manager, which is the ARN including the Secrets Manager-supplied 6-character suffix.

      This is equal to secretArn in most cases, but is undefined when a full ARN is not available (e.g., secrets imported by name).

    • addRotationSchedule

      @Stability(Stable) @NotNull RotationSchedule addRotationSchedule(@NotNull String id, @NotNull RotationScheduleOptions options)
      Adds a rotation schedule to the secret.

      Parameters:
      id - This parameter is required.
      options - This parameter is required.
    • addToResourcePolicy

      @Stability(Stable) @NotNull AddToResourcePolicyResult addToResourcePolicy(@NotNull PolicyStatement statement)
      Adds a statement to the IAM resource policy associated with this secret.

      If this secret was created in this stack, a resource policy will be automatically created upon the first call to addToResourcePolicy. If the secret is imported, then this is a no-op.

      Parameters:
      statement - This parameter is required.
    • attach

      @Stability(Stable) @NotNull ISecret attach(@NotNull ISecretAttachmentTarget target)
      Attach a target to this secret.

      Parameters:
      target - The target to attach. This parameter is required.
      Returns:
      An attached secret
    • denyAccountRootDelete

      @Stability(Stable) void denyAccountRootDelete()
      Denies the DeleteSecret action to all principals within the current account.
    • grantRead

      @Stability(Stable) @NotNull Grant grantRead(@NotNull IGrantable grantee, @Nullable List<String> versionStages)
      Grants reading the secret value to some role.

      Parameters:
      grantee - the principal being granted permission. This parameter is required.
      versionStages - the version stages the grant is limited to.
    • grantRead

      @Stability(Stable) @NotNull Grant grantRead(@NotNull IGrantable grantee)
      Grants reading the secret value to some role.

      Parameters:
      grantee - the principal being granted permission. This parameter is required.
    • grantWrite

      @Stability(Stable) @NotNull Grant grantWrite(@NotNull IGrantable grantee)
      Grants writing and updating the secret value to some role.

      Parameters:
      grantee - the principal being granted permission. This parameter is required.
    • secretValueFromJson

      @Stability(Stable) @NotNull SecretValue secretValueFromJson(@NotNull String key)
      Interpret the secret as a JSON object and return a field's value from it as a SecretValue.

      Parameters:
      key - This parameter is required.