Class CfnResourcePolicy

Namespace
Amazon.CDK.AWS.SecretsManager
Assembly
Amazon.CDK.AWS.SecretsManager.dll

A CloudFormation AWS::SecretsManager::ResourcePolicy.

public class CfnResourcePolicy : CfnResource, IInspectable
Inheritance
CfnResourcePolicy
Implements
IInspectable

Examples

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using System.Collections.Generic;
using Amazon.CDK.AWS.SecretsManager;

// Placeholder: replace with your resource-based policy document.
object resourcePolicy = new Dictionary<string, object>();

var cfnResourcePolicy = new CfnResourcePolicy(this, "MyCfnResourcePolicy", new CfnResourcePolicyProps {
    ResourcePolicy = resourcePolicy,
    SecretId = "secretId",

    // the properties below are optional
    BlockPublicPolicy = false
});

Remarks

Attaches a resource-based permission policy to a secret. A resource-based policy is optional. For more information, see Authentication and access control for Secrets Manager.

For information about attaching a policy in the console, see Attach a permissions policy to a secret.

Required permissions: secretsmanager:PutResourcePolicy. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.

CloudformationResource: AWS::SecretsManager::ResourcePolicy

Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-resourcepolicy.html

Constructors

CfnResourcePolicy(Construct, string, ICfnResourcePolicyProps)

Create a new AWS::SecretsManager::ResourcePolicy.

public CfnResourcePolicy(Construct scope, string id, ICfnResourcePolicyProps props)

Parameters

scope Construct
  • scope in which this resource is defined.
id string
  • scoped id of the resource.
props ICfnResourcePolicyProps
  • resource properties.

Properties

BlockPublicPolicy

Specifies whether to block resource-based policies that allow broad access to the secret.

public virtual object? BlockPublicPolicy { get; set; }

Property Value

object

Remarks

By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.

Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-resourcepolicy.html#cfn-secretsmanager-resourcepolicy-blockpublicpolicy
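The following is an added example, not part of the generated reference above: a stack that attaches a policy naming one specific principal and sets BlockPublicPolicy to true, so a later edit that widens the principal to a wildcard is rejected. It assumes CDK v2 (the Constructs namespace); the stack name, construct ids, Sid and role ARN are constructed placeholders.

```csharp
using System.Collections.Generic;
using Amazon.CDK;
using Amazon.CDK.AWS.SecretsManager;
using Constructs;

// Hypothetical stack name, used only for this example.
public class SecretPolicyStack : Stack
{
    public SecretPolicyStack(Construct scope, string id, IStackProps props = null)
        : base(scope, id, props)
    {
        // The secret the policy is attached to.
        var secret = new Secret(this, "AppSecret");

        // Constructed placeholder: the single role allowed to read the secret.
        const string readerRoleArn = "arn:aws:iam::111122223333:role/ExampleAppRole";

        // Resource-based policy with an explicit principal and a single action.
        // In a policy attached to a secret, Resource "*" refers to that secret only.
        var policyDocument = new Dictionary<string, object>
        {
            ["Version"] = "2012-10-17",
            ["Statement"] = new object[]
            {
                new Dictionary<string, object>
                {
                    ["Sid"] = "AllowAppRoleRead",
                    ["Effect"] = "Allow",
                    ["Principal"] = new Dictionary<string, object> { ["AWS"] = readerRoleArn },
                    ["Action"] = "secretsmanager:GetSecretValue",
                    ["Resource"] = "*"
                }
            }
        };

        new CfnResourcePolicy(this, "AppSecretPolicy", new CfnResourcePolicyProps
        {
            SecretId = secret.SecretArn,
            ResourcePolicy = policyDocument,
            // Reject policies that allow broad access, such as a wildcard principal.
            BlockPublicPolicy = true
        });
    }
}
```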

CFN_RESOURCE_TYPE_NAME

The CloudFormation resource type name for this resource class.

public static string CFN_RESOURCE_TYPE_NAME { get; }

Property Value

string

CfnProperties

protected override IDictionary<string, object> CfnProperties { get; }

Property Value

IDictionary<string, object>

ResourcePolicy

A JSON-formatted string for an AWS resource-based policy.

public virtual object ResourcePolicy { get; set; }

Property Value

object

SecretId

The ARN or name of the secret to attach the resource-based policy to.

public virtual string SecretId { get; set; }

Property Value

string

Methods

Inspect(TreeInspector)

Examines the CloudFormation resource and discloses attributes.

public virtual void Inspect(TreeInspector inspector)

Parameters

inspector TreeInspector
  • tree inspector to collect and process attributes.

RenderProperties(IDictionary<string, object>)

protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)

Parameters

props IDictionary<string, object>

Returns

IDictionary<string, object>