pulumi-aws-native-kotlin/com.pulumi.awsnative.secretsmanager.kotlin.outputs/RotationScheduleHostedRotationLambda

RotationScheduleHostedRotationLambda

data class RotationScheduleHostedRotationLambda(val excludeCharacters: String? = null, val kmsKeyArn: String? = null, val masterSecretArn: String? = null, val masterSecretKmsKeyArn: String? = null, val rotationLambdaName: String? = null, val rotationType: String, val runtime: String? = null, val superuserSecretArn: String? = null, val superuserSecretKmsKeyArn: String? = null, val vpcSecurityGroupIds: String? = null, val vpcSubnetIds: String? = null)

Constructors

Link copied to clipboard
constructor(excludeCharacters: String? = null, kmsKeyArn: String? = null, masterSecretArn: String? = null, masterSecretKmsKeyArn: String? = null, rotationLambdaName: String? = null, rotationType: String, runtime: String? = null, superuserSecretArn: String? = null, superuserSecretKmsKeyArn: String? = null, vpcSecurityGroupIds: String? = null, vpcSubnetIds: String? = null)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val excludeCharacters: String? = null

A string of the characters that you don't want in the password.

Link copied to clipboard
val kmsKeyArn: String? = null

The ARN of the KMS key that Secrets Manager uses to encrypt the secret. If you don't specify this value, then Secrets Manager uses the key aws/secretsmanager. If aws/secretsmanager doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.

Link copied to clipboard
val masterSecretArn: String? = null

The ARN of the secret that contains superuser credentials, if you use the alternating users rotation strategy. CloudFormation grants the execution role for the Lambda rotation function GetSecretValue permission to the secret in this property.

Link copied to clipboard
val masterSecretKmsKeyArn: String? = null

The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the alternating users strategy and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key aws/secretsmanager. CloudFormation grants the execution role for the Lambda rotation function Decrypt, DescribeKey, and GenerateDataKey permission to the key in this property.

Link copied to clipboard
val rotationLambdaName: String? = null

The name of the Lambda rotation function.

Link copied to clipboard
val rotationType: String

The type of rotation template to use

Link copied to clipboard
val runtime: String? = null

The python runtime associated with the Lambda function

Link copied to clipboard
val superuserSecretArn: String? = null

The ARN of the secret that contains superuser credentials, if you use the alternating users rotation strategy. CloudFormation grants the execution role for the Lambda rotation function GetSecretValue permission to the secret in this property.

Link copied to clipboard
val superuserSecretKmsKeyArn: String? = null

The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the alternating users strategy and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key aws/secretsmanager. CloudFormation grants the execution role for the Lambda rotation function Decrypt, DescribeKey, and GenerateDataKey permission to the key in this property.

Link copied to clipboard
val vpcSecurityGroupIds: String? = null

A comma-separated list of security group IDs applied to the target database.

Link copied to clipboard
val vpcSubnetIds: String? = null

A comma separated list of VPC subnet IDs of the target database network. The Lambda rotation function is in the same subnet group.