Package software.amazon.awscdk.services.secretsmanager

Class CfnRotationSchedule.HostedRotationLambdaProperty.Jsii$Proxy

java.lang.Object

software.amazon.jsii.JsiiObject

software.amazon.awscdk.services.secretsmanager.CfnRotationSchedule.HostedRotationLambdaProperty.Jsii$Proxy

All Implemented Interfaces:

CfnRotationSchedule.HostedRotationLambdaProperty, software.amazon.jsii.JsiiSerializable

Enclosing interface:

CfnRotationSchedule.HostedRotationLambdaProperty

@Stability(Stable)
@Internal
public static final class CfnRotationSchedule.HostedRotationLambdaProperty.Jsii$Proxy
extends software.amazon.jsii.JsiiObject
implements CfnRotationSchedule.HostedRotationLambdaProperty

An implementation for CfnRotationSchedule.HostedRotationLambdaProperty

Nested Class Summary

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.secretsmanager.CfnRotationSchedule.HostedRotationLambdaProperty

CfnRotationSchedule.HostedRotationLambdaProperty.Builder, CfnRotationSchedule.HostedRotationLambdaProperty.Jsii$Proxy

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	Jsii$Proxy(CfnRotationSchedule.HostedRotationLambdaProperty.Builder builder)	Constructor that initializes the object based on literal property values passed by the CfnRotationSchedule.HostedRotationLambdaProperty.Builder.
protected	Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef)	Constructor that initializes the object based on values retrieved from the JsiiObject.

Method Summary

Modifier and Type	Method	Description
com.fasterxml.jackson.databind.JsonNode	$jsii$toJson()
final boolean	equals(Object o)
final String	getExcludeCharacters()	A string of the characters that you don't want in the password.
final String	getKmsKeyArn()	The ARN of the KMS key that Secrets Manager uses to encrypt the secret.
final String	getMasterSecretArn()	The ARN of the secret that contains superuser credentials, if you use the Alternating users rotation strategy .
final String	getMasterSecretKmsKeyArn()	The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the alternating users strategy and the superuser secret is encrypted with a customer managed key.
final String	getRotationLambdaName()	The name of the Lambda rotation function.
final String	getRotationType()	The rotation template to base the rotation function on, one of the following:.
final String	getRuntime()	By default, CloudFormation deploys Python 3.9 binaries for the rotation function.
final String	getSuperuserSecretArn()	The ARN of the secret that contains superuser credentials, if you use the Alternating users rotation strategy .
final String	getSuperuserSecretKmsKeyArn()	The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the alternating users strategy and the superuser secret is encrypted with a customer managed key.
final String	getVpcSecurityGroupIds()	A comma-separated list of security group IDs applied to the target database.
final String	getVpcSubnetIds()	A comma separated list of VPC subnet IDs of the target database network.
final int	hashCode()

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Jsii$Proxy

protected Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef)

Constructor that initializes the object based on values retrieved from the JsiiObject.

Parameters:

objRef - Reference to the JSII managed object.

Jsii$Proxy

protected Jsii$Proxy(CfnRotationSchedule.HostedRotationLambdaProperty.Builder builder)

Constructor that initializes the object based on literal property values passed by the CfnRotationSchedule.HostedRotationLambdaProperty.Builder.

Method Details

getRotationType

public final String getRotationType()

Description copied from interface: CfnRotationSchedule.HostedRotationLambdaProperty

The rotation template to base the rotation function on, one of the following:.

• MySQLSingleUser to use the template SecretsManagerRDSMySQLRotationSingleUser .
• MySQLMultiUser to use the template SecretsManagerRDSMySQLRotationMultiUser .
• PostgreSQLSingleUser to use the template SecretsManagerRDSPostgreSQLRotationSingleUser
• PostgreSQLMultiUser to use the template SecretsManagerRDSPostgreSQLRotationMultiUser .
• OracleSingleUser to use the template SecretsManagerRDSOracleRotationSingleUser .
• OracleMultiUser to use the template SecretsManagerRDSOracleRotationMultiUser .
• MariaDBSingleUser to use the template SecretsManagerRDSMariaDBRotationSingleUser .
• MariaDBMultiUser to use the template SecretsManagerRDSMariaDBRotationMultiUser .
• SQLServerSingleUser to use the template SecretsManagerRDSSQLServerRotationSingleUser .
• SQLServerMultiUser to use the template SecretsManagerRDSSQLServerRotationMultiUser .
• RedshiftSingleUser to use the template SecretsManagerRedshiftRotationSingleUsr .
• RedshiftMultiUser to use the template SecretsManagerRedshiftRotationMultiUser .
• MongoDBSingleUser to use the template SecretsManagerMongoDBRotationSingleUser .
• MongoDBMultiUser to use the template SecretsManagerMongoDBRotationMultiUser .

Specified by:

getRotationType in interface CfnRotationSchedule.HostedRotationLambdaProperty

getExcludeCharacters

public final String getExcludeCharacters()

Description copied from interface: CfnRotationSchedule.HostedRotationLambdaProperty

A string of the characters that you don't want in the password.

Specified by:

getExcludeCharacters in interface CfnRotationSchedule.HostedRotationLambdaProperty

getKmsKeyArn

public final String getKmsKeyArn()

Description copied from interface: CfnRotationSchedule.HostedRotationLambdaProperty

The ARN of the KMS key that Secrets Manager uses to encrypt the secret.

If you don't specify this value, then Secrets Manager uses the key aws/secretsmanager . If aws/secretsmanager doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.

Specified by:

getKmsKeyArn in interface CfnRotationSchedule.HostedRotationLambdaProperty

getMasterSecretArn

public final String getMasterSecretArn()

Description copied from interface: CfnRotationSchedule.HostedRotationLambdaProperty

The ARN of the secret that contains superuser credentials, if you use the Alternating users rotation strategy . CloudFormation grants the execution role for the Lambda rotation function GetSecretValue permission to the secret in this property. For more information, see Lambda rotation function execution role permissions for Secrets Manager .

You must create the superuser secret before you can set this property.

You must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see JSON structure of Secrets Manager secrets .

You can specify MasterSecretArn or SuperuserSecretArn but not both. They represent the same superuser secret.

Specified by:

getMasterSecretArn in interface CfnRotationSchedule.HostedRotationLambdaProperty

getMasterSecretKmsKeyArn

public final String getMasterSecretKmsKeyArn()

Description copied from interface: CfnRotationSchedule.HostedRotationLambdaProperty

The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the alternating users strategy and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key aws/secretsmanager . CloudFormation grants the execution role for the Lambda rotation function Decrypt , DescribeKey , and GenerateDataKey permission to the key in this property. For more information, see Lambda rotation function execution role permissions for Secrets Manager .

You can specify MasterSecretKmsKeyArn or SuperuserSecretKmsKeyArn but not both. They represent the same superuser secret KMS key .

Specified by:

getMasterSecretKmsKeyArn in interface CfnRotationSchedule.HostedRotationLambdaProperty

getRotationLambdaName

public final String getRotationLambdaName()

Description copied from interface: CfnRotationSchedule.HostedRotationLambdaProperty

The name of the Lambda rotation function.

Specified by:

getRotationLambdaName in interface CfnRotationSchedule.HostedRotationLambdaProperty

getRuntime

public final String getRuntime()

Description copied from interface: CfnRotationSchedule.HostedRotationLambdaProperty

By default, CloudFormation deploys Python 3.9 binaries for the rotation function. To use a different version of Python, you must do the following two steps:.

• Deploy the matching version Python binaries with your rotation function.
• Set the version number in this field. For example, for Python 3.7, enter python3.7

If you only do one of the steps, your rotation function will be incompatible with the binaries. For more information, see Why did my Lambda rotation function fail with a "pg module not found" error .

Specified by:

getRuntime in interface CfnRotationSchedule.HostedRotationLambdaProperty

getSuperuserSecretArn

public final String getSuperuserSecretArn()

Description copied from interface: CfnRotationSchedule.HostedRotationLambdaProperty

The ARN of the secret that contains superuser credentials, if you use the Alternating users rotation strategy . CloudFormation grants the execution role for the Lambda rotation function GetSecretValue permission to the secret in this property. For more information, see Lambda rotation function execution role permissions for Secrets Manager .

You must create the superuser secret before you can set this property.

You must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see JSON structure of Secrets Manager secrets .

You can specify MasterSecretArn or SuperuserSecretArn but not both. They represent the same superuser secret.

Specified by:

getSuperuserSecretArn in interface CfnRotationSchedule.HostedRotationLambdaProperty

getSuperuserSecretKmsKeyArn

public final String getSuperuserSecretKmsKeyArn()

Description copied from interface: CfnRotationSchedule.HostedRotationLambdaProperty

The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the alternating users strategy and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key aws/secretsmanager . CloudFormation grants the execution role for the Lambda rotation function Decrypt , DescribeKey , and GenerateDataKey permission to the key in this property. For more information, see Lambda rotation function execution role permissions for Secrets Manager .

You can specify MasterSecretKmsKeyArn or SuperuserSecretKmsKeyArn but not both. They represent the same superuser secret KMS key .

Specified by:

getSuperuserSecretKmsKeyArn in interface CfnRotationSchedule.HostedRotationLambdaProperty

getVpcSecurityGroupIds

public final String getVpcSecurityGroupIds()

Description copied from interface: CfnRotationSchedule.HostedRotationLambdaProperty

A comma-separated list of security group IDs applied to the target database.

The template applies the same security groups as on the Lambda rotation function that is created as part of this stack.

Specified by:

getVpcSecurityGroupIds in interface CfnRotationSchedule.HostedRotationLambdaProperty

getVpcSubnetIds

public final String getVpcSubnetIds()

Description copied from interface: CfnRotationSchedule.HostedRotationLambdaProperty

A comma separated list of VPC subnet IDs of the target database network.

The Lambda rotation function is in the same subnet group.

Specified by:

getVpcSubnetIds in interface CfnRotationSchedule.HostedRotationLambdaProperty

$jsii$toJson

@Internal
public com.fasterxml.jackson.databind.JsonNode $jsii$toJson()

Specified by:

$jsii$toJson in interface software.amazon.jsii.JsiiSerializable

equals

public final boolean equals(Object o)

Overrides:

equals in class Object

hashCode

public final int hashCode()

Overrides:

hashCode in class Object