package awssecretsmanager import ( _init_ "github.com/aws/aws-cdk-go/awscdk/v2/jsii" _jsii_ "github.com/aws/jsii-runtime-go/runtime" "github.com/aws/aws-cdk-go/awscdk/v2" "github.com/aws/aws-cdk-go/awscdk/v2/awssecretsmanager/internal" "github.com/aws/constructs-go/constructs/v10" ) // Sets the rotation schedule and Lambda rotation function for a secret. For more information, see [How rotation works](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) . // // For Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) . // // For the rotation function, you have two options: // // - You can create a new rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) by using `HostedRotationLambda` . // - You can choose an existing rotation function by using `RotationLambdaARN` . // // For database secrets, if you define both the secret and the database or service in the AWS CloudFormation template, then you need to define the [AWS::SecretsManager::SecretTargetAttachment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-secrettargetattachment.html) resource to populate the secret with the connection details of the database or service before you attempt to configure rotation. // // Example: // // The code below shows an example of how to instantiate this type. // // The values are placeholders you should change. // import "github.com/aws/aws-cdk-go/awscdk" // // cfnRotationSchedule := awscdk.Aws_secretsmanager.NewCfnRotationSchedule(this, jsii.String("MyCfnRotationSchedule"), &CfnRotationScheduleProps{ // SecretId: jsii.String("secretId"), // // // the properties below are optional // HostedRotationLambda: &HostedRotationLambdaProperty{ // RotationType: jsii.String("rotationType"), // // // the properties below are optional // ExcludeCharacters: jsii.String("excludeCharacters"), // KmsKeyArn: jsii.String("kmsKeyArn"), // MasterSecretArn: jsii.String("masterSecretArn"), // MasterSecretKmsKeyArn: jsii.String("masterSecretKmsKeyArn"), // RotationLambdaName: jsii.String("rotationLambdaName"), // Runtime: jsii.String("runtime"), // SuperuserSecretArn: jsii.String("superuserSecretArn"), // SuperuserSecretKmsKeyArn: jsii.String("superuserSecretKmsKeyArn"), // VpcSecurityGroupIds: jsii.String("vpcSecurityGroupIds"), // VpcSubnetIds: jsii.String("vpcSubnetIds"), // }, // RotateImmediatelyOnUpdate: jsii.Boolean(false), // RotationLambdaArn: jsii.String("rotationLambdaArn"), // RotationRules: &RotationRulesProperty{ // AutomaticallyAfterDays: jsii.Number(123), // Duration: jsii.String("duration"), // ScheduleExpression: jsii.String("scheduleExpression"), // }, // }) // // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-rotationschedule.html // type CfnRotationSchedule interface { awscdk.CfnResource awscdk.IInspectable AttrId() *string // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // Creates a new Lambda rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) . To use a rotation function that already exists, specify `RotationLambdaARN` instead. HostedRotationLambda() interface{} SetHostedRotationLambda(val interface{}) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string // The tree node. Node() constructs.Node // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. RotateImmediatelyOnUpdate() interface{} SetRotateImmediatelyOnUpdate(val interface{}) // The ARN of an existing Lambda rotation function. RotationLambdaArn() *string SetRotationLambdaArn(val *string) // A structure that defines the rotation configuration for this secret. RotationRules() interface{} SetRotationRules(val interface{}) // The ARN or name of the secret to rotate. SecretId() *string SetSecretId(val *string) // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // ```typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // ``` // would add the overrides // ```json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // ``` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) } // The jsii proxy struct for CfnRotationSchedule type jsiiProxy_CfnRotationSchedule struct { internal.Type__awscdkCfnResource internal.Type__awscdkIInspectable } func (j *jsiiProxy_CfnRotationSchedule) AttrId() *string { var returns *string _jsii_.Get( j, "attrId", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) CfnOptions() awscdk.ICfnResourceOptions { var returns awscdk.ICfnResourceOptions _jsii_.Get( j, "cfnOptions", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) CfnProperties() *map[string]interface{} { var returns *map[string]interface{} _jsii_.Get( j, "cfnProperties", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) CfnResourceType() *string { var returns *string _jsii_.Get( j, "cfnResourceType", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) CreationStack() *[]*string { var returns *[]*string _jsii_.Get( j, "creationStack", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) HostedRotationLambda() interface{} { var returns interface{} _jsii_.Get( j, "hostedRotationLambda", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) LogicalId() *string { var returns *string _jsii_.Get( j, "logicalId", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) Node() constructs.Node { var returns constructs.Node _jsii_.Get( j, "node", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) Ref() *string { var returns *string _jsii_.Get( j, "ref", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) RotateImmediatelyOnUpdate() interface{} { var returns interface{} _jsii_.Get( j, "rotateImmediatelyOnUpdate", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) RotationLambdaArn() *string { var returns *string _jsii_.Get( j, "rotationLambdaArn", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) RotationRules() interface{} { var returns interface{} _jsii_.Get( j, "rotationRules", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) SecretId() *string { var returns *string _jsii_.Get( j, "secretId", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) Stack() awscdk.Stack { var returns awscdk.Stack _jsii_.Get( j, "stack", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) UpdatedProperites() *map[string]interface{} { var returns *map[string]interface{} _jsii_.Get( j, "updatedProperites", &returns, ) return returns } func (j *jsiiProxy_CfnRotationSchedule) UpdatedProperties() *map[string]interface{} { var returns *map[string]interface{} _jsii_.Get( j, "updatedProperties", &returns, ) return returns } func NewCfnRotationSchedule(scope constructs.Construct, id *string, props *CfnRotationScheduleProps) CfnRotationSchedule { _init_.Initialize() if err := validateNewCfnRotationScheduleParameters(scope, id, props); err != nil { panic(err) } j := jsiiProxy_CfnRotationSchedule{} _jsii_.Create( "aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule", []interface{}{scope, id, props}, &j, ) return &j } func NewCfnRotationSchedule_Override(c CfnRotationSchedule, scope constructs.Construct, id *string, props *CfnRotationScheduleProps) { _init_.Initialize() _jsii_.Create( "aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule", []interface{}{scope, id, props}, c, ) } func (j *jsiiProxy_CfnRotationSchedule)SetHostedRotationLambda(val interface{}) { if err := j.validateSetHostedRotationLambdaParameters(val); err != nil { panic(err) } _jsii_.Set( j, "hostedRotationLambda", val, ) } func (j *jsiiProxy_CfnRotationSchedule)SetRotateImmediatelyOnUpdate(val interface{}) { if err := j.validateSetRotateImmediatelyOnUpdateParameters(val); err != nil { panic(err) } _jsii_.Set( j, "rotateImmediatelyOnUpdate", val, ) } func (j *jsiiProxy_CfnRotationSchedule)SetRotationLambdaArn(val *string) { _jsii_.Set( j, "rotationLambdaArn", val, ) } func (j *jsiiProxy_CfnRotationSchedule)SetRotationRules(val interface{}) { if err := j.validateSetRotationRulesParameters(val); err != nil { panic(err) } _jsii_.Set( j, "rotationRules", val, ) } func (j *jsiiProxy_CfnRotationSchedule)SetSecretId(val *string) { if err := j.validateSetSecretIdParameters(val); err != nil { panic(err) } _jsii_.Set( j, "secretId", val, ) } // Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template). // // Uses duck-typing instead of `instanceof` to allow stack elements from different // versions of this library to be included in the same stack. // // Returns: The construct as a stack element or undefined if it is not a stack element. func CfnRotationSchedule_IsCfnElement(x interface{}) *bool { _init_.Initialize() if err := validateCfnRotationSchedule_IsCfnElementParameters(x); err != nil { panic(err) } var returns *bool _jsii_.StaticInvoke( "aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule", "isCfnElement", []interface{}{x}, &returns, ) return returns } // Check whether the given construct is a CfnResource. func CfnRotationSchedule_IsCfnResource(construct constructs.IConstruct) *bool { _init_.Initialize() if err := validateCfnRotationSchedule_IsCfnResourceParameters(construct); err != nil { panic(err) } var returns *bool _jsii_.StaticInvoke( "aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule", "isCfnResource", []interface{}{construct}, &returns, ) return returns } // Checks if `x` is a construct. // // Use this method instead of `instanceof` to properly detect `Construct` // instances, even when the construct library is symlinked. // // Explanation: in JavaScript, multiple copies of the `constructs` library on // disk are seen as independent, completely different libraries. As a // consequence, the class `Construct` in each copy of the `constructs` library // is seen as a different class, and an instance of one class will not test as // `instanceof` the other class. `npm install` will not create installations // like this, but users may manually symlink construct libraries together or // use a monorepo tool: in those cases, multiple copies of the `constructs` // library can be accidentally installed, and `instanceof` will behave // unpredictably. It is safest to avoid using `instanceof`, and using // this type-testing method instead. // // Returns: true if `x` is an object created from a class which extends `Construct`. func CfnRotationSchedule_IsConstruct(x interface{}) *bool { _init_.Initialize() if err := validateCfnRotationSchedule_IsConstructParameters(x); err != nil { panic(err) } var returns *bool _jsii_.StaticInvoke( "aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule", "isConstruct", []interface{}{x}, &returns, ) return returns } func CfnRotationSchedule_CFN_RESOURCE_TYPE_NAME() *string { _init_.Initialize() var returns *string _jsii_.StaticGet( "aws-cdk-lib.aws_secretsmanager.CfnRotationSchedule", "CFN_RESOURCE_TYPE_NAME", &returns, ) return returns } func (c *jsiiProxy_CfnRotationSchedule) AddDeletionOverride(path *string) { if err := c.validateAddDeletionOverrideParameters(path); err != nil { panic(err) } _jsii_.InvokeVoid( c, "addDeletionOverride", []interface{}{path}, ) } func (c *jsiiProxy_CfnRotationSchedule) AddDependency(target awscdk.CfnResource) { if err := c.validateAddDependencyParameters(target); err != nil { panic(err) } _jsii_.InvokeVoid( c, "addDependency", []interface{}{target}, ) } func (c *jsiiProxy_CfnRotationSchedule) AddDependsOn(target awscdk.CfnResource) { if err := c.validateAddDependsOnParameters(target); err != nil { panic(err) } _jsii_.InvokeVoid( c, "addDependsOn", []interface{}{target}, ) } func (c *jsiiProxy_CfnRotationSchedule) AddMetadata(key *string, value interface{}) { if err := c.validateAddMetadataParameters(key, value); err != nil { panic(err) } _jsii_.InvokeVoid( c, "addMetadata", []interface{}{key, value}, ) } func (c *jsiiProxy_CfnRotationSchedule) AddOverride(path *string, value interface{}) { if err := c.validateAddOverrideParameters(path, value); err != nil { panic(err) } _jsii_.InvokeVoid( c, "addOverride", []interface{}{path, value}, ) } func (c *jsiiProxy_CfnRotationSchedule) AddPropertyDeletionOverride(propertyPath *string) { if err := c.validateAddPropertyDeletionOverrideParameters(propertyPath); err != nil { panic(err) } _jsii_.InvokeVoid( c, "addPropertyDeletionOverride", []interface{}{propertyPath}, ) } func (c *jsiiProxy_CfnRotationSchedule) AddPropertyOverride(propertyPath *string, value interface{}) { if err := c.validateAddPropertyOverrideParameters(propertyPath, value); err != nil { panic(err) } _jsii_.InvokeVoid( c, "addPropertyOverride", []interface{}{propertyPath, value}, ) } func (c *jsiiProxy_CfnRotationSchedule) ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) { if err := c.validateApplyRemovalPolicyParameters(options); err != nil { panic(err) } _jsii_.InvokeVoid( c, "applyRemovalPolicy", []interface{}{policy, options}, ) } func (c *jsiiProxy_CfnRotationSchedule) GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference { if err := c.validateGetAttParameters(attributeName); err != nil { panic(err) } var returns awscdk.Reference _jsii_.Invoke( c, "getAtt", []interface{}{attributeName, typeHint}, &returns, ) return returns } func (c *jsiiProxy_CfnRotationSchedule) GetMetadata(key *string) interface{} { if err := c.validateGetMetadataParameters(key); err != nil { panic(err) } var returns interface{} _jsii_.Invoke( c, "getMetadata", []interface{}{key}, &returns, ) return returns } func (c *jsiiProxy_CfnRotationSchedule) Inspect(inspector awscdk.TreeInspector) { if err := c.validateInspectParameters(inspector); err != nil { panic(err) } _jsii_.InvokeVoid( c, "inspect", []interface{}{inspector}, ) } func (c *jsiiProxy_CfnRotationSchedule) ObtainDependencies() *[]interface{} { var returns *[]interface{} _jsii_.Invoke( c, "obtainDependencies", nil, // no parameters &returns, ) return returns } func (c *jsiiProxy_CfnRotationSchedule) ObtainResourceDependencies() *[]awscdk.CfnResource { var returns *[]awscdk.CfnResource _jsii_.Invoke( c, "obtainResourceDependencies", nil, // no parameters &returns, ) return returns } func (c *jsiiProxy_CfnRotationSchedule) OverrideLogicalId(newLogicalId *string) { if err := c.validateOverrideLogicalIdParameters(newLogicalId); err != nil { panic(err) } _jsii_.InvokeVoid( c, "overrideLogicalId", []interface{}{newLogicalId}, ) } func (c *jsiiProxy_CfnRotationSchedule) RemoveDependency(target awscdk.CfnResource) { if err := c.validateRemoveDependencyParameters(target); err != nil { panic(err) } _jsii_.InvokeVoid( c, "removeDependency", []interface{}{target}, ) } func (c *jsiiProxy_CfnRotationSchedule) RenderProperties(props *map[string]interface{}) *map[string]interface{} { if err := c.validateRenderPropertiesParameters(props); err != nil { panic(err) } var returns *map[string]interface{} _jsii_.Invoke( c, "renderProperties", []interface{}{props}, &returns, ) return returns } func (c *jsiiProxy_CfnRotationSchedule) ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) { if err := c.validateReplaceDependencyParameters(target, newTarget); err != nil { panic(err) } _jsii_.InvokeVoid( c, "replaceDependency", []interface{}{target, newTarget}, ) } func (c *jsiiProxy_CfnRotationSchedule) ShouldSynthesize() *bool { var returns *bool _jsii_.Invoke( c, "shouldSynthesize", nil, // no parameters &returns, ) return returns } func (c *jsiiProxy_CfnRotationSchedule) ToString() *string { var returns *string _jsii_.Invoke( c, "toString", nil, // no parameters &returns, ) return returns } func (c *jsiiProxy_CfnRotationSchedule) ValidateProperties(_properties interface{}) { if err := c.validateValidatePropertiesParameters(_properties); err != nil { panic(err) } _jsii_.InvokeVoid( c, "validateProperties", []interface{}{_properties}, ) }