Secret
This class encapsulates and extends the ROS resource type ALIYUN::KMS::Secret
, which is used to create a secret and store the initial version of the secret.
Initializers
import ros_cdk_kms
ros_cdk_kms.Secret(
scope: Construct,
id: str,
secret_data: typing.Union[str, IResolvable],
secret_name: typing.Union[str, IResolvable],
version_id: typing.Union[str, IResolvable],
description: typing.Union[str, IResolvable] = None,
dkms_instance_id: typing.Union[str, IResolvable] = None,
enable_automatic_rotation: typing.Union[bool, IResolvable] = None,
encryption_key_id: typing.Union[str, IResolvable] = None,
extended_config: typing.Union[IResolvable, typing.Mapping[typing.Any]] = None,
force_delete_without_recovery: typing.Union[bool, IResolvable] = None,
recovery_window_in_days: typing.Union[typing.Union[int, float], IResolvable] = None,
rotation_interval: typing.Union[str, IResolvable] = None,
secret_data_type: typing.Union[str, IResolvable] = None,
secret_type: typing.Union[str, IResolvable] = None,
version_stages: typing.Union[IResolvable, typing.List[typing.Union[str, IResolvable]]] = None,
enable_resource_property_constraint: bool = None
)
Name | Type | Description |
---|---|---|
scope |
ros_cdk_core.Construct |
No description. |
id |
str |
No description. |
secret_data |
typing.Union[str, ros_cdk_core.IResolvable] |
Property secretData: The value of the secret that you want to create. |
secret_name |
typing.Union[str, ros_cdk_core.IResolvable] |
Property secretName: The name of the secret. |
version_id |
typing.Union[str, ros_cdk_core.IResolvable] |
Property versionId: The version number of the initial version. |
description |
typing.Union[str, ros_cdk_core.IResolvable] |
Property description: The description of the secret. |
dkms_instance_id |
typing.Union[str, ros_cdk_core.IResolvable] |
Property dkmsInstanceId: The ID of the dedicated KMS instance. |
enable_automatic_rotation |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property enableAutomaticRotation: Specifies whether to enable automatic rotation. |
encryption_key_id |
typing.Union[str, ros_cdk_core.IResolvable] |
Property encryptionKeyId: The ID of the KMS CMK that is used to encrypt the secret value. |
extended_config |
typing.Union[ros_cdk_core.IResolvable, typing.Mapping[typing.Any]] |
Property extendedConfig: The extended configuration of the secret. |
force_delete_without_recovery |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property forceDeleteWithoutRecovery: Specifies whether to forcibly delete the secret. |
recovery_window_in_days |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property recoveryWindowInDays: Specifies the recovery period of the secret if you do not forcibly delete it. |
rotation_interval |
typing.Union[str, ros_cdk_core.IResolvable] |
Property rotationInterval: The interval for automatic rotation. |
secret_data_type |
typing.Union[str, ros_cdk_core.IResolvable] |
Property secretDataType: The type of the secret value. |
secret_type |
typing.Union[str, ros_cdk_core.IResolvable] |
Property secretType: The type of the secret. |
version_stages |
typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]] |
Property versionStages: The stage labels that mark the secret version. |
enable_resource_property_constraint |
bool |
No description. |
scope
Required
- Type: ros_cdk_core.Construct
id
Required
- Type: str
secret_data
Required
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property secretData: The value of the secret that you want to create.
Secrets Manager encrypts the secret value and stores it in the initial version.
secret_name
Required
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property secretName: The name of the secret.
version_id
Required
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property versionId: The version number of the initial version.
Version numbers are unique in each secret object.
description
Optional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property description: The description of the secret.
dkms_instance_id
Optional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property dkmsInstanceId: The ID of the dedicated KMS instance.
enable_automatic_rotation
Optional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property enableAutomaticRotation: Specifies whether to enable automatic rotation.
Valid values: true: specifies to enable automatic rotation. false: specifies to disable automatic rotation. This is the default value.
encryption_key_id
Optional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property encryptionKeyId: The ID of the KMS CMK that is used to encrypt the secret value.
If you do not specify this parameter, Secrets Manager automatically creates an encryption key to encrypt the secret. Note The KMS CMK must be a symmetric key.
extended_config
Optional
- Type: typing.Union[ros_cdk_core.IResolvable, typing.Mapping[typing.Any]]
Property extendedConfig: The extended configuration of the secret.
This parameter specifies the properties of the secret of the specific type.
force_delete_without_recovery
Optional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property forceDeleteWithoutRecovery: Specifies whether to forcibly delete the secret.
If this parameter is set to true, the secret cannot be recovered. Valid values: true false (default value)
recovery_window_in_days
Optional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property recoveryWindowInDays: Specifies the recovery period of the secret if you do not forcibly delete it.
Default value: 30
rotation_interval
Optional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property rotationInterval: The interval for automatic rotation.
Valid values: 6 hours to 8,760 hours (365 days). The value is in the integer[unit] format. The unit can be d (day), h (hour), m (minute), or s (second). For example, both 7d and 604800s indicate a seven-day interval.
secret_data_type
Optional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property secretDataType: The type of the secret value.
Valid values: text (default value) binary
secret_type
Optional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property secretType: The type of the secret.
Valid values: Generic: specifies a generic secret. Rds: specifies a managed ApsaraDB RDS secret. RAMCredentials: specifies a managed RAM secret. ECS: specifies a managed ECS secret.
version_stages
Optional
- Type: typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]]
Property versionStages: The stage labels that mark the secret version.
ACSCurrent will be marked as DefaultIf you do not specify it, Secrets Manager marks it with "ACSCurrent".
enable_resource_property_constraint
Optional
- Type: bool
Methods
Name | Description |
---|---|
to_string |
Returns a string representation of this construct. |
synthesize |
Allows this construct to emit artifacts into the cloud assembly during synthesis. |
add_condition |
No description. |
add_count |
No description. |
add_dependency |
No description. |
add_resource_desc |
No description. |
apply_removal_policy |
No description. |
get_att |
No description. |
set_metadata |
No description. |
to_string
def to_string() -> str
Returns a string representation of this construct.
synthesize
def synthesize(
session: ISynthesisSession
) -> None
Allows this construct to emit artifacts into the cloud assembly during synthesis.
This method is usually implemented by framework-level constructs such as Stack
and Asset
as they participate in synthesizing the cloud assembly.
- Type: ros_cdk_core.ISynthesisSession
The synthesis session.
add_condition
def add_condition(
condition: RosCondition
) -> None
- Type: ros_cdk_core.RosCondition
add_count
def add_count(
count: typing.Union[typing.Union[int, float], IResolvable]
) -> None
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
add_dependency
def add_dependency(
resource: Resource
) -> None
- Type: ros_cdk_core.Resource
add_resource_desc
def add_resource_desc(
desc: str
) -> None
- Type: str
apply_removal_policy
def apply_removal_policy(
policy: RemovalPolicy
) -> None
- Type: ros_cdk_core.RemovalPolicy
get_att
def get_att(
name: str
) -> IResolvable
- Type: str
set_metadata
def set_metadata(
key: str,
value: typing.Any
) -> None
- Type: str
- Type: typing.Any
Static Functions
Name | Description |
---|---|
is_construct |
Return whether the given object is a Construct. |
is_construct
import ros_cdk_kms
ros_cdk_kms.Secret.is_construct(
x: typing.Any
)
Return whether the given object is a Construct.
- Type: typing.Any
Properties
Name | Type | Description |
---|---|---|
node |
ros_cdk_core.ConstructNode |
The construct tree node associated with this construct. |
ref |
str |
No description. |
stack |
ros_cdk_core.Stack |
The stack in which this resource is defined. |
resource |
ros_cdk_core.RosResource |
No description. |
attr_arn |
ros_cdk_core.IResolvable |
Attribute Arn: The Alibaba Cloud Resource Name (ARN). |
attr_secret_name |
ros_cdk_core.IResolvable |
Attribute SecretName: The name of the secret. |
node
Required
node: ConstructNode
- Type: ros_cdk_core.ConstructNode
The construct tree node associated with this construct.
ref
Required
ref: str
- Type: str
stack
Required
stack: Stack
- Type: ros_cdk_core.Stack
The stack in which this resource is defined.
resource
Optional
resource: RosResource
- Type: ros_cdk_core.RosResource
attr_arn
Required
attr_arn: IResolvable
- Type: ros_cdk_core.IResolvable
Attribute Arn: The Alibaba Cloud Resource Name (ARN).
attr_secret_name
Required
attr_secret_name: IResolvable
- Type: ros_cdk_core.IResolvable
Attribute SecretName: The name of the secret.