Puppet Task: secretsmanager_aws_put_resource_policy

Defined in:: tasks/secretsmanager_aws_put_resource_policy.json,
tasks/secretsmanager_aws_put_resource_policy.rb

Overview

Attaches the contents of the specified resource-based permission policy to a secret. A resource-based policy is optional. Alternatively, you can use IAM identity-based policies that specify the secret's Amazon Resource Name (ARN) in the policy statement's Resources element. You can also use a combination of both identity-based and resource-based policies. The affected users and roles receive the permissions that are permitted by all of the relevant policies. For more information, see Using Resource-Based Policies for AWS Secrets Manager. For the complete description of the AWS policy syntax and grammar, see IAM JSON Policy Reference in the IAM User Guide. Minimum permissions To run this command, you must have the following permissions: secretsmanager:PutResourcePolicy Related operations To retrieve the resource policy that's attached to a secret, use GetResourcePolicy. To delete the resource-based policy that's attached to a secret, use DeleteResourcePolicy. To list all of the currently available secrets, use ListSecrets.

Supports noop? false

Parameters

resource_policy (Optional[String[1]]) —
secret_id (Optional[String[1]]) —