How to use the @aws-cdk/aws-kms.ViaServicePrincipal function in @aws-cdk/aws-kms
To help you get started, we’ve selected a few @aws-cdk/aws-kms examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
aws / aws-cdk / packages / @aws-cdk / aws-secretsmanager / lib / secret.ts View on Github 
const result = iam.Grant.addToPrincipal({
grantee,
actions: ['secretsmanager:GetSecretValue'],
resourceArns: [this.secretArn],
scope: this
});
if (versionStages != null && result.principalStatement) {
result.principalStatement.addCondition('ForAnyValue:StringEquals', {
'secretsmanager:VersionStage': versionStages
});
}
if (this.encryptionKey) {
// @see https://docs.aws.amazon.com/fr_fr/kms/latest/developerguide/services-secrets-manager.html
this.encryptionKey.grantDecrypt(
new kms.ViaServicePrincipal(`secretsmanager.${Stack.of(this).region}.amazonaws.com`, grantee.grantPrincipal)
);
}
return result;
}@aws-cdk/aws-kms
The CDK Construct Library for AWS::KMS
