SecretsManagerSecretConfiguration
The configuration for a Secrets Manager secret. For more information, see CreateSecret.
You can propose a configuration for a new secret or an existing secret that you own by
specifying the secret policy and optional Amazon KMS encryption key. If the configuration is for
an existing secret and you do not specify the secret policy, the access preview uses the
existing policy for the secret. If the access preview is for a new resource and you do not
specify the policy, the access preview assumes a secret without a policy. To propose
deletion of an existing policy, you can specify an empty string. If the proposed
configuration is for a new secret and you do not specify the KMS key ID, the access
preview uses the Amazon managed key aws/secretsmanager
. If you specify an empty
string for the KMS key ID, the access preview uses the Amazon managed key of the
Amazon Web Services account. For more information about secret policy limits, see Quotas
for Amazon Secrets Manager..
Contents
- kmsKeyId
-
The proposed ARN, key ID, or alias of the KMS key.
Type: String
Required: No
- secretPolicy
-
The proposed resource policy defining who can access or manage the secret.
Type: String
Required: No
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: