class CfnRotationSchedulePropsMixin
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.Mixins.Preview.AWS.SecretsManager.Mixins.CfnRotationSchedulePropsMixin |
 Go | github.com/aws/aws-cdk-go/awscdkmixinspreview/v2/awssecretsmanager/mixins#CfnRotationSchedulePropsMixin |
 Java | software.amazon.awscdk.mixins.preview.services.secretsmanager.mixins.CfnRotationSchedulePropsMixin |
 Python | aws_cdk.mixins_preview.aws_secretsmanager.mixins.CfnRotationSchedulePropsMixin |
 TypeScript | @aws-cdk/mixins-preview » aws_secretsmanager » mixins » CfnRotationSchedulePropsMixin |
Implements
IMixin
Extends
Mixin
Configure the rotation schedule and Lambda rotation function for a secret. For more information, see How rotation works .
For database credentials, refer to the following resources:
- Amazon RDS master user credentials: AWS::RDS::DBCluster MasterUserSecret
- Amazon Redshift admin user credentials: AWS::Redshift::Cluster
Choose one of the following options for the rotation function:
- Create a new rotation function using
HostedRotationLambdabased on a Secrets Manager rotation function template . - Use an existing rotation function by specifying its ARN with
RotationLambdaARN.
For database secrets defined in the same CloudFormation template as the database or service:
- Use the AWS::SecretsManager::SecretTargetAttachment resource to populate the secret with connection details.
- Add a
DependsOnattribute to theRotationScheduleresource that uses aSecretTargetAttachment. This ensures the rotation is configured after the secret is populated with connection details. > You can define only one rotation schedule per secret.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { mixins } from '@aws-cdk/mixins-preview';
import { mixins as secretsmanager_mixins } from '@aws-cdk/mixins-preview/aws-secretsmanager';
const cfnRotationSchedulePropsMixin = new secretsmanager_mixins.CfnRotationSchedulePropsMixin({
externalSecretRotationMetadata: [{
key: 'key',
value: 'value',
}],
externalSecretRotationRoleArn: 'externalSecretRotationRoleArn',
hostedRotationLambda: {
excludeCharacters: 'excludeCharacters',
kmsKeyArn: 'kmsKeyArn',
masterSecretArn: 'masterSecretArn',
masterSecretKmsKeyArn: 'masterSecretKmsKeyArn',
rotationLambdaName: 'rotationLambdaName',
rotationType: 'rotationType',
runtime: 'runtime',
superuserSecretArn: 'superuserSecretArn',
superuserSecretKmsKeyArn: 'superuserSecretKmsKeyArn',
vpcSecurityGroupIds: 'vpcSecurityGroupIds',
vpcSubnetIds: 'vpcSubnetIds',
},
rotateImmediatelyOnUpdate: false,
rotationLambdaArn: 'rotationLambdaArn',
rotationRules: {
automaticallyAfterDays: 123,
duration: 'duration',
scheduleExpression: 'scheduleExpression',
},
secretId: 'secretId',
}, /* all optional props */ {
strategy: mixins.PropertyMergeStrategy.OVERRIDE,
});
Initializer
new CfnRotationSchedulePropsMixin(props: CfnRotationScheduleMixinProps, options?: CfnPropertyMixinOptions)
Parameters
- props
Cfn— L1 properties to apply.Rotation Schedule Mixin Props - options
Cfn— Mixin options.Property Mixin Options
Create a mixin to apply properties to AWS::SecretsManager::RotationSchedule.
Properties
| Name | Type | Description |
|---|---|---|
| props | Cfn | |
| strategy | Property | |
| static CFN_PROPERTY_KEYS | string[] |
props
Type:
Cfn
strategy
Type:
Property
static CFN_PROPERTY_KEYS
Type:
string[]
Methods
| Name | Description |
|---|---|
| apply | Apply the mixin properties to the construct. |
| supports(construct) | Check if this mixin supports the given construct. |
applyTo(construct)
public applyTo(construct: IConstruct): IConstruct
Parameters
- construct
IConstruct
Returns
Apply the mixin properties to the construct.
supports(construct)
public supports(construct: IConstruct): boolean
Parameters
- construct
IConstruct
Returns
boolean
Check if this mixin supports the given construct.