aws-cdk-lib.aws_secretsmanager.CfnResourcePolicyProps

interface CfnResourcePolicyProps

LanguageType name
.NETAmazon.CDK.AWS.SecretsManager.CfnResourcePolicyProps
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awssecretsmanager#CfnResourcePolicyProps
Javasoftware.amazon.awscdk.services.secretsmanager.CfnResourcePolicyProps
Pythonaws_cdk.aws_secretsmanager.CfnResourcePolicyProps
TypeScript aws-cdk-lib » aws_secretsmanager » CfnResourcePolicyProps

Properties for defining a CfnResourcePolicy.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_secretsmanager as secretsmanager } from 'aws-cdk-lib';

declare const resourcePolicy: any;
const cfnResourcePolicyProps: secretsmanager.CfnResourcePolicyProps = {
  resourcePolicy: resourcePolicy,
  secretId: 'secretId',

  // the properties below are optional
  blockPublicPolicy: false,
};

Properties

NameTypeDescription
resourcePolicyanyA JSON-formatted string for an AWS resource-based policy.
secretIdstringThe ARN or name of the secret to attach the resource-based policy.
blockPublicPolicy?boolean | IResolvableSpecifies whether to block resource-based policies that allow broad access to the secret.

resourcePolicy

Type: any

A JSON-formatted string for an AWS resource-based policy.

For example policies, see Permissions policy examples .


secretId

Type: string

The ARN or name of the secret to attach the resource-based policy.

For an ARN, we recommend that you specify a complete ARN rather than a partial ARN.


blockPublicPolicy?

Type: boolean | IResolvable (optional)

Specifies whether to block resource-based policies that allow broad access to the secret.

By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.