@Generated(value="jsii-pacmak/1.57.0 (build f614666)", date="2022-04-22T09:30:50.583Z") @Stability(value=Deprecated) @Deprecated public class SecretStringValueBeta1 extends software.amazon.jsii.JsiiObject
The class wraps a simple string (or JSON representation) in order to provide some safety checks and warnings about the dangers of using plaintext strings as initial secret seed values via CDK/CloudFormation.
Example:
// Creates a new IAM user, access and secret keys, and stores the secret access key in a Secret.
User user = new User(this, "User");
AccessKey accessKey = AccessKey.Builder.create(this, "AccessKey").user(user).build();
SecretStringValueBeta1 secretValue = SecretStringValueBeta1.fromToken(accessKey.secretAccessKey.toString());
Secret.Builder.create(this, "Secret")
.secretStringBeta1(secretValue)
.build();
| Modifier | Constructor and Description |
|---|---|
protected |
SecretStringValueBeta1(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
Deprecated.
|
protected |
SecretStringValueBeta1(software.amazon.jsii.JsiiObjectRef objRef)
Deprecated.
|
| Modifier and Type | Method and Description |
|---|---|
static SecretStringValueBeta1 |
fromToken(String secretValueFromToken)
Deprecated.
|
static SecretStringValueBeta1 |
fromUnsafePlaintext(String secretValue)
Deprecated.
|
String |
secretValue()
Deprecated.
|
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSetprotected SecretStringValueBeta1(software.amazon.jsii.JsiiObjectRef objRef)
protected SecretStringValueBeta1(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
@Stability(value=Deprecated) @Deprecated @NotNull public static SecretStringValueBeta1 fromToken(@NotNull String secretValueFromToken)
The intent is to enable creating secrets from references (e.g., Ref, Fn::GetAtt) from other resources.
This might be the direct output of another Construct, or the output of a Custom Resource.
This method throws if it determines the input is an unsafe plaintext string.
For example:
// Creates a new IAM user, access and secret keys, and stores the secret access key in a Secret.
User user = new User(this, "User");
AccessKey accessKey = AccessKey.Builder.create(this, "AccessKey").user(user).build();
SecretStringValueBeta1 secretValue = SecretStringValueBeta1.fromToken(accessKey.secretAccessKey.toString());
Secret.Builder.create(this, "Secret")
.secretStringBeta1(secretValue)
.build();
The secret may also be embedded in a string representation of a JSON structure:
User user = new User(this, "User");
AccessKey accessKey = AccessKey.Builder.create(this, "AccessKey").user(user).build();
SecretStringValueBeta1 secretValue = SecretStringValueBeta1.fromToken(JSON.stringify(Map.of(
"username", user.getUserName(),
"database", "foo",
"password", accessKey.secretAccessKey.unsafeUnwrap())));
Note that the value being a Token does not guarantee safety. For example, a Lazy-evaluated string
(e.g., Lazy.string({ produce: () => 'myInsecurePassword' }))) is a Token, but as the output is
ultimately a plaintext string, and so insecure.
secretValueFromToken - a secret value coming from a Construct attribute or Custom Resource output. This parameter is required.@Stability(value=Deprecated) @Deprecated @NotNull public static SecretStringValueBeta1 fromUnsafePlaintext(@NotNull String secretValue)
This approach is inherently unsafe, as the secret value may be visible in your source control repository and will also appear in plaintext in the resulting CloudFormation template, including in the AWS Console or APIs. Usage of this method is discouraged, especially for production workloads.
secretValue - This parameter is required.@Stability(value=Deprecated) @Deprecated @NotNull public String secretValue()
Copyright © 2022. All rights reserved.