Secret
This class encapsulates and extends the ROS resource type ALIYUN::KMS::Secret, which is used to create a secret and store the initial version of the secret.
Initializers
import ros_cdk_kms
ros_cdk_kms.Secret(
scope: Construct,
id: str,
secret_data: typing.Union[str, IResolvable],
secret_name: typing.Union[str, IResolvable],
version_id: typing.Union[str, IResolvable],
description: typing.Union[str, IResolvable] = None,
dkms_instance_id: typing.Union[str, IResolvable] = None,
enable_automatic_rotation: typing.Union[bool, IResolvable] = None,
encryption_key_id: typing.Union[str, IResolvable] = None,
extended_config: typing.Union[IResolvable, typing.Mapping[typing.Any]] = None,
force_delete_without_recovery: typing.Union[bool, IResolvable] = None,
recovery_window_in_days: typing.Union[typing.Union[int, float], IResolvable] = None,
rotation_interval: typing.Union[str, IResolvable] = None,
secret_data_type: typing.Union[str, IResolvable] = None,
secret_type: typing.Union[str, IResolvable] = None,
version_stages: typing.Union[IResolvable, typing.List[typing.Union[str, IResolvable]]] = None,
enable_resource_property_constraint: bool = None
)
| Name | Type | Description |
|---|---|---|
scope |
ros_cdk_core.Construct |
No description. |
id |
str |
No description. |
secret_data |
typing.Union[str, ros_cdk_core.IResolvable] |
Property secretData: The value of the secret that you want to create. |
secret_name |
typing.Union[str, ros_cdk_core.IResolvable] |
Property secretName: The name of the secret. |
version_id |
typing.Union[str, ros_cdk_core.IResolvable] |
Property versionId: The version number of the initial version. |
description |
typing.Union[str, ros_cdk_core.IResolvable] |
Property description: The description of the secret. |
dkms_instance_id |
typing.Union[str, ros_cdk_core.IResolvable] |
Property dkmsInstanceId: The ID of the dedicated KMS instance. |
enable_automatic_rotation |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property enableAutomaticRotation: Specifies whether to enable automatic rotation. |
encryption_key_id |
typing.Union[str, ros_cdk_core.IResolvable] |
Property encryptionKeyId: The ID of the KMS CMK that is used to encrypt the secret value. |
extended_config |
typing.Union[ros_cdk_core.IResolvable, typing.Mapping[typing.Any]] |
Property extendedConfig: The extended configuration of the secret. |
force_delete_without_recovery |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property forceDeleteWithoutRecovery: Specifies whether to forcibly delete the secret. |
recovery_window_in_days |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property recoveryWindowInDays: Specifies the recovery period of the secret if you do not forcibly delete it. |
rotation_interval |
typing.Union[str, ros_cdk_core.IResolvable] |
Property rotationInterval: The interval for automatic rotation. |
secret_data_type |
typing.Union[str, ros_cdk_core.IResolvable] |
Property secretDataType: The type of the secret value. |
secret_type |
typing.Union[str, ros_cdk_core.IResolvable] |
Property secretType: The type of the secret. |
version_stages |
typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]] |
Property versionStages: The stage labels that mark the secret version. |
enable_resource_property_constraint |
bool |
No description. |
scopeRequired
- Type: ros_cdk_core.Construct
idRequired
- Type: str
secret_dataRequired
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property secretData: The value of the secret that you want to create.
Secrets Manager encrypts the secret value and stores it in the initial version.
secret_nameRequired
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property secretName: The name of the secret.
version_idRequired
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property versionId: The version number of the initial version.
Version numbers are unique in each secret object.
descriptionOptional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property description: The description of the secret.
dkms_instance_idOptional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property dkmsInstanceId: The ID of the dedicated KMS instance.
enable_automatic_rotationOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property enableAutomaticRotation: Specifies whether to enable automatic rotation.
Valid values: true: specifies to enable automatic rotation. false: specifies to disable automatic rotation. This is the default value.
encryption_key_idOptional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property encryptionKeyId: The ID of the KMS CMK that is used to encrypt the secret value.
If you do not specify this parameter, Secrets Manager automatically creates an encryption key to encrypt the secret. Note The KMS CMK must be a symmetric key.
extended_configOptional
- Type: typing.Union[ros_cdk_core.IResolvable, typing.Mapping[typing.Any]]
Property extendedConfig: The extended configuration of the secret.
This parameter specifies the properties of the secret of the specific type.
force_delete_without_recoveryOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property forceDeleteWithoutRecovery: Specifies whether to forcibly delete the secret.
If this parameter is set to true, the secret cannot be recovered. Valid values: true false (default value)
recovery_window_in_daysOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property recoveryWindowInDays: Specifies the recovery period of the secret if you do not forcibly delete it.
Default value: 30
rotation_intervalOptional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property rotationInterval: The interval for automatic rotation.
Valid values: 6 hours to 8,760 hours (365 days). The value is in the integer[unit] format. The unit can be d (day), h (hour), m (minute), or s (second). For example, both 7d and 604800s indicate a seven-day interval.
secret_data_typeOptional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property secretDataType: The type of the secret value.
Valid values: text (default value) binary
secret_typeOptional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property secretType: The type of the secret.
Valid values: Generic: specifies a generic secret. Rds: specifies a managed ApsaraDB RDS secret. RAMCredentials: specifies a managed RAM secret. ECS: specifies a managed ECS secret.
version_stagesOptional
- Type: typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]]
Property versionStages: The stage labels that mark the secret version.
ACSCurrent will be marked as DefaultIf you do not specify it, Secrets Manager marks it with "ACSCurrent".
enable_resource_property_constraintOptional
- Type: bool
Methods
| Name | Description |
|---|---|
to_string |
Returns a string representation of this construct. |
synthesize |
Allows this construct to emit artifacts into the cloud assembly during synthesis. |
add_condition |
No description. |
add_count |
No description. |
add_dependency |
No description. |
add_resource_desc |
No description. |
apply_removal_policy |
No description. |
get_att |
No description. |
set_metadata |
No description. |
to_string
def to_string() -> str
Returns a string representation of this construct.
synthesize
def synthesize(
session: ISynthesisSession
) -> None
Allows this construct to emit artifacts into the cloud assembly during synthesis.
This method is usually implemented by framework-level constructs such as Stack and Asset
as they participate in synthesizing the cloud assembly.
- Type: ros_cdk_core.ISynthesisSession
The synthesis session.
add_condition
def add_condition(
condition: RosCondition
) -> None
- Type: ros_cdk_core.RosCondition
add_count
def add_count(
count: typing.Union[typing.Union[int, float], IResolvable]
) -> None
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
add_dependency
def add_dependency(
resource: Resource
) -> None
- Type: ros_cdk_core.Resource
add_resource_desc
def add_resource_desc(
desc: str
) -> None
- Type: str
apply_removal_policy
def apply_removal_policy(
policy: RemovalPolicy
) -> None
- Type: ros_cdk_core.RemovalPolicy
get_att
def get_att(
name: str
) -> IResolvable
- Type: str
set_metadata
def set_metadata(
key: str,
value: typing.Any
) -> None
- Type: str
- Type: typing.Any
Static Functions
| Name | Description |
|---|---|
is_construct |
Return whether the given object is a Construct. |
is_construct
import ros_cdk_kms
ros_cdk_kms.Secret.is_construct(
x: typing.Any
)
Return whether the given object is a Construct.
- Type: typing.Any
Properties
| Name | Type | Description |
|---|---|---|
node |
ros_cdk_core.ConstructNode |
The construct tree node associated with this construct. |
ref |
str |
No description. |
stack |
ros_cdk_core.Stack |
The stack in which this resource is defined. |
resource |
ros_cdk_core.RosResource |
No description. |
attr_arn |
ros_cdk_core.IResolvable |
Attribute Arn: The Alibaba Cloud Resource Name (ARN). |
attr_secret_name |
ros_cdk_core.IResolvable |
Attribute SecretName: The name of the secret. |
nodeRequired
node: ConstructNode
- Type: ros_cdk_core.ConstructNode
The construct tree node associated with this construct.
refRequired
ref: str
- Type: str
stackRequired
stack: Stack
- Type: ros_cdk_core.Stack
The stack in which this resource is defined.
resourceOptional
resource: RosResource
- Type: ros_cdk_core.RosResource
attr_arnRequired
attr_arn: IResolvable
- Type: ros_cdk_core.IResolvable
Attribute Arn: The Alibaba Cloud Resource Name (ARN).
attr_secret_nameRequired
attr_secret_name: IResolvable
- Type: ros_cdk_core.IResolvable
Attribute SecretName: The name of the secret.