How to use the @aws-cdk/aws-kms.ViaServicePrincipal function in @aws-cdk/aws-kms

To help you get started, we’ve selected a few @aws-cdk/aws-kms examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github aws / aws-cdk / packages / @aws-cdk / aws-secretsmanager / lib / secret.ts View on Github external
const result = iam.Grant.addToPrincipal({
      grantee,
      actions: ['secretsmanager:GetSecretValue'],
      resourceArns: [this.secretArn],
      scope: this
    });
    if (versionStages != null && result.principalStatement) {
      result.principalStatement.addCondition('ForAnyValue:StringEquals', {
        'secretsmanager:VersionStage': versionStages
      });
    }

    if (this.encryptionKey) {
      // @see https://docs.aws.amazon.com/fr_fr/kms/latest/developerguide/services-secrets-manager.html
      this.encryptionKey.grantDecrypt(
        new kms.ViaServicePrincipal(`secretsmanager.${Stack.of(this).region}.amazonaws.com`, grantee.grantPrincipal)
      );
    }

    return result;
  }

@aws-cdk/aws-kms

The CDK Construct Library for AWS::KMS

Apache-2.0
Latest version published 2 years ago

Package Health Score

70 / 100
Full package analysis