alicloudroscdkkms

package module
v1.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 18, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

README

Aliyun ROS KMS Construct Library

This module is part of the AliCloud ROS Cloud Development Kit (ROS CDK) project.

import * as KMS from '@alicloud/ros-cdk-kms';

Documentation

Overview

Aliyun SDK Copyright (C) Alibaba Cloud Computing All rights reserved. http://www.aliyun.com

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Alias_IsConstruct 

func Alias_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct.

func Instance_IsConstruct 

func Instance_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct.

func Key_IsConstruct 

func Key_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct.

func NetworkRule_IsConstruct added in v1.3.0 

func NetworkRule_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct.

func NewAlias_Override 

func NewAlias_Override(a Alias, scope alicloudroscdkcore.Construct, id *string, props *AliasProps, enableResourcePropertyConstraint *bool)

Param scope - scope in which this resource is defined Param id - scoped id of the resource Param props - resource properties.

func NewInstance_Override 

func NewInstance_Override(i Instance, scope alicloudroscdkcore.Construct, id *string, props *InstanceProps, enableResourcePropertyConstraint *bool)

Param scope - scope in which this resource is defined Param id - scoped id of the resource Param props - resource properties.

func NewKey_Override 

func NewKey_Override(k Key, scope alicloudroscdkcore.Construct, id *string, props *KeyProps, enableResourcePropertyConstraint *bool)

Param scope - scope in which this resource is defined Param id - scoped id of the resource Param props - resource properties.

func NewNetworkRule_Override added in v1.3.0 

func NewNetworkRule_Override(n NetworkRule, scope alicloudroscdkcore.Construct, id *string, props *NetworkRuleProps, enableResourcePropertyConstraint *bool)

Param scope - scope in which this resource is defined Param id - scoped id of the resource Param props - resource properties.

func NewPolicy_Override added in v1.3.0 

func NewPolicy_Override(p Policy, scope alicloudroscdkcore.Construct, id *string, props *PolicyProps, enableResourcePropertyConstraint *bool)

Param scope - scope in which this resource is defined Param id - scoped id of the resource Param props - resource properties.

func NewRosAlias_Override 

func NewRosAlias_Override(r RosAlias, scope alicloudroscdkcore.Construct, id *string, props *RosAliasProps, enableResourcePropertyConstraint *bool)

func NewRosInstance_Override 

func NewRosInstance_Override(r RosInstance, scope alicloudroscdkcore.Construct, id *string, props *RosInstanceProps, enableResourcePropertyConstraint *bool)

func NewRosKey_Override 

func NewRosKey_Override(r RosKey, scope alicloudroscdkcore.Construct, id *string, props *RosKeyProps, enableResourcePropertyConstraint *bool)

func NewRosNetworkRule_Override added in v1.3.0 

func NewRosNetworkRule_Override(r RosNetworkRule, scope alicloudroscdkcore.Construct, id *string, props *RosNetworkRuleProps, enableResourcePropertyConstraint *bool)

func NewRosPolicy_Override added in v1.3.0 

func NewRosPolicy_Override(r RosPolicy, scope alicloudroscdkcore.Construct, id *string, props *RosPolicyProps, enableResourcePropertyConstraint *bool)

func NewRosSecret_Override 

func NewRosSecret_Override(r RosSecret, scope alicloudroscdkcore.Construct, id *string, props *RosSecretProps, enableResourcePropertyConstraint *bool)

func NewSecret_Override 

func NewSecret_Override(s Secret, scope alicloudroscdkcore.Construct, id *string, props *SecretProps, enableResourcePropertyConstraint *bool)

Param scope - scope in which this resource is defined Param id - scoped id of the resource Param props - resource properties.

func Policy_IsConstruct added in v1.3.0 

func Policy_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct.

func RosAlias_IsConstruct 

func RosAlias_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct.

func RosAlias_IsRosElement 

func RosAlias_IsRosElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func RosAlias_IsRosResource 

func RosAlias_IsRosResource(construct alicloudroscdkcore.IConstruct) *bool

Check whether the given construct is a RosResource.

func RosAlias_ROS_RESOURCE_TYPE_NAME 

func RosAlias_ROS_RESOURCE_TYPE_NAME() *string

func RosInstance_IsConstruct 

func RosInstance_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct.

func RosInstance_IsRosElement 

func RosInstance_IsRosElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func RosInstance_IsRosResource 

func RosInstance_IsRosResource(construct alicloudroscdkcore.IConstruct) *bool

Check whether the given construct is a RosResource.

func RosInstance_ROS_RESOURCE_TYPE_NAME 

func RosInstance_ROS_RESOURCE_TYPE_NAME() *string

func RosKey_IsConstruct 

func RosKey_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct.

func RosKey_IsRosElement 

func RosKey_IsRosElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func RosKey_IsRosResource 

func RosKey_IsRosResource(construct alicloudroscdkcore.IConstruct) *bool

Check whether the given construct is a RosResource.

func RosKey_ROS_RESOURCE_TYPE_NAME 

func RosKey_ROS_RESOURCE_TYPE_NAME() *string

func RosNetworkRule_IsConstruct added in v1.3.0 

func RosNetworkRule_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct.

func RosNetworkRule_IsRosElement added in v1.3.0 

func RosNetworkRule_IsRosElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func RosNetworkRule_IsRosResource added in v1.3.0 

func RosNetworkRule_IsRosResource(construct alicloudroscdkcore.IConstruct) *bool

Check whether the given construct is a RosResource.

func RosNetworkRule_ROS_RESOURCE_TYPE_NAME added in v1.3.0 

func RosNetworkRule_ROS_RESOURCE_TYPE_NAME() *string

func RosPolicy_IsConstruct added in v1.3.0 

func RosPolicy_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct.

func RosPolicy_IsRosElement added in v1.3.0 

func RosPolicy_IsRosElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func RosPolicy_IsRosResource added in v1.3.0 

func RosPolicy_IsRosResource(construct alicloudroscdkcore.IConstruct) *bool

Check whether the given construct is a RosResource.

func RosPolicy_ROS_RESOURCE_TYPE_NAME added in v1.3.0 

func RosPolicy_ROS_RESOURCE_TYPE_NAME() *string

func RosSecret_IsConstruct 

func RosSecret_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct.

func RosSecret_IsRosElement 

func RosSecret_IsRosElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func RosSecret_IsRosResource 

func RosSecret_IsRosResource(construct alicloudroscdkcore.IConstruct) *bool

Check whether the given construct is a RosResource.

func RosSecret_ROS_RESOURCE_TYPE_NAME 

func RosSecret_ROS_RESOURCE_TYPE_NAME() *string

func Secret_IsConstruct 

func Secret_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct.

Types

type Alias 

type Alias interface {
	alicloudroscdkcore.Resource
	EnableResourcePropertyConstraint() *bool
	SetEnableResourcePropertyConstraint(val *bool)
	Id() *string
	SetId(val *string)
	// The construct tree node associated with this construct.
	Node() alicloudroscdkcore.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the ROS resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by ROS
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	Props() *AliasProps
	SetProps(val *AliasProps)
	Ref() *string
	Resource() alicloudroscdkcore.RosResource
	SetResource(val alicloudroscdkcore.RosResource)
	Scope() alicloudroscdkcore.Construct
	SetScope(val alicloudroscdkcore.Construct)
	// The stack in which this resource is defined.
	Stack() alicloudroscdkcore.Stack
	AddCondition(condition alicloudroscdkcore.RosCondition)
	AddCount(count interface{})
	AddDependency(resource alicloudroscdkcore.Resource)
	AddResourceDesc(desc *string)
	ApplyRemovalPolicy(policy alicloudroscdkcore.RemovalPolicy)
	GeneratePhysicalName() *string
	GetAtt(name *string) alicloudroscdkcore.IResolvable
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	Prepare()
	SetMetadata(key *string, value interface{})
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	Synthesize(session alicloudroscdkcore.ISynthesisSession)
	// Returns a string representation of this construct.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	Validate() *[]*string
}

This class encapsulates and extends the ROS resource type `ALIYUN::KMS::Alias`, which is used to create an alias for a Customer Master Key (CMK).

func NewAlias 

func NewAlias(scope alicloudroscdkcore.Construct, id *string, props *AliasProps, enableResourcePropertyConstraint *bool) Alias

Param scope - scope in which this resource is defined Param id - scoped id of the resource Param props - resource properties.

type AliasProps 

type AliasProps struct {
	// Property aliasName: - The display name of the key.
	//
	// You can use the alias to call APIs such as Encrypt, GenerateDataKey, and DescribeKey. - Not including the prefix, the minimum length of an alias is 1 and the maximum length is 255. - The prefix alias\/ must be included.
	AliasName interface{} `field:"required" json:"aliasName" yaml:"aliasName"`
	// Property keyId: Globally unique identifier of the CMK.
	KeyId interface{} `field:"required" json:"keyId" yaml:"keyId"`
}

Properties for defining a `Alias`.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-alias

type Instance 

type Instance interface {
	alicloudroscdkcore.Resource
	// Attribute InstanceId: The ID of the instance.
	AttrInstanceId() alicloudroscdkcore.IResolvable
	EnableResourcePropertyConstraint() *bool
	SetEnableResourcePropertyConstraint(val *bool)
	Id() *string
	SetId(val *string)
	// The construct tree node associated with this construct.
	Node() alicloudroscdkcore.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the ROS resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by ROS
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	Props() *InstanceProps
	SetProps(val *InstanceProps)
	Ref() *string
	Resource() alicloudroscdkcore.RosResource
	SetResource(val alicloudroscdkcore.RosResource)
	Scope() alicloudroscdkcore.Construct
	SetScope(val alicloudroscdkcore.Construct)
	// The stack in which this resource is defined.
	Stack() alicloudroscdkcore.Stack
	AddCondition(condition alicloudroscdkcore.RosCondition)
	AddCount(count interface{})
	AddDependency(resource alicloudroscdkcore.Resource)
	AddResourceDesc(desc *string)
	ApplyRemovalPolicy(policy alicloudroscdkcore.RemovalPolicy)
	GeneratePhysicalName() *string
	GetAtt(name *string) alicloudroscdkcore.IResolvable
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	Prepare()
	SetMetadata(key *string, value interface{})
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	Synthesize(session alicloudroscdkcore.ISynthesisSession)
	// Returns a string representation of this construct.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	Validate() *[]*string
}

This class encapsulates and extends the ROS resource type `ALIYUN::KMS::Instance`, which is used to create a Key Management Service (KMS) instance.

func NewInstance 

func NewInstance(scope alicloudroscdkcore.Construct, id *string, props *InstanceProps, enableResourcePropertyConstraint *bool) Instance

Param scope - scope in which this resource is defined Param id - scoped id of the resource Param props - resource properties.

type InstanceProps 

type InstanceProps struct {
	// Property productVersion: KMS Instance commodity type (software\/software-small\/hardware\/hardware-small).
	ProductVersion interface{} `field:"required" json:"productVersion" yaml:"productVersion"`
	// Property connection:.
	Connection interface{} `field:"optional" json:"connection" yaml:"connection"`
	// Property instanceChargeType: Billing method of the KMS instance, default to Subscription.
	InstanceChargeType interface{} `field:"optional" json:"instanceChargeType" yaml:"instanceChargeType"`
	// Property keyNum: Maximum number of stored keys.
	//
	// It is required when the InstanceCharge is Subscription.
	KeyNum interface{} `field:"optional" json:"keyNum" yaml:"keyNum"`
	// Property log: Whether to enable log.
	Log interface{} `field:"optional" json:"log" yaml:"log"`
	// Property logStorage: Log storage.
	LogStorage interface{} `field:"optional" json:"logStorage" yaml:"logStorage"`
	// Property period: The subscription duration of the KMS instance.
	//
	// If PeriodUnit is Month, the valid range is 1, 2, 3, 6, 12, 24, 36
	// If PeriodUnit is Year, the valid range is 1, 2, 3.
	Period interface{} `field:"optional" json:"period" yaml:"period"`
	// Property periodUnit: The unit of the subscription duration.
	//
	// Valid values:
	// Month
	// Year
	// Default value: Month.
	PeriodUnit interface{} `field:"optional" json:"periodUnit" yaml:"periodUnit"`
	// Property renewPeriod: Automatic renewal period, in months.
	RenewPeriod interface{} `field:"optional" json:"renewPeriod" yaml:"renewPeriod"`
	// Property renewStatus: Renewal options (manual renewal, automatic renewal, no renewal).
	RenewStatus interface{} `field:"optional" json:"renewStatus" yaml:"renewStatus"`
	// Property secretNum: Maximum number of secrets.
	//
	// It is required when the InstanceCharge is Subscription.
	SecretNum interface{} `field:"optional" json:"secretNum" yaml:"secretNum"`
	// Property spec: The computation performance level of the KMS instance.
	Spec interface{} `field:"optional" json:"spec" yaml:"spec"`
	// Property vpcNum: The number of managed accesses.
	//
	// The maximum number of VPCs that can access this KMS instance. It is required when the InstanceCharge is Subscription.
	VpcNum interface{} `field:"optional" json:"vpcNum" yaml:"vpcNum"`
}

Properties for defining a `Instance`.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-instance

type Key 

type Key interface {
	alicloudroscdkcore.Resource
	// Attribute KeyId: The globally unique identifier for the CMK.
	AttrKeyId() alicloudroscdkcore.IResolvable
	EnableResourcePropertyConstraint() *bool
	SetEnableResourcePropertyConstraint(val *bool)
	Id() *string
	SetId(val *string)
	// The construct tree node associated with this construct.
	Node() alicloudroscdkcore.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the ROS resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by ROS
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	Props() *KeyProps
	SetProps(val *KeyProps)
	Ref() *string
	Resource() alicloudroscdkcore.RosResource
	SetResource(val alicloudroscdkcore.RosResource)
	Scope() alicloudroscdkcore.Construct
	SetScope(val alicloudroscdkcore.Construct)
	// The stack in which this resource is defined.
	Stack() alicloudroscdkcore.Stack
	AddCondition(condition alicloudroscdkcore.RosCondition)
	AddCount(count interface{})
	AddDependency(resource alicloudroscdkcore.Resource)
	AddResourceDesc(desc *string)
	ApplyRemovalPolicy(policy alicloudroscdkcore.RemovalPolicy)
	GeneratePhysicalName() *string
	GetAtt(name *string) alicloudroscdkcore.IResolvable
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	Prepare()
	SetMetadata(key *string, value interface{})
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	Synthesize(session alicloudroscdkcore.ISynthesisSession)
	// Returns a string representation of this construct.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	Validate() *[]*string
}

This class encapsulates and extends the ROS resource type `ALIYUN::KMS::Key`, which is used to create a customer master key (CMK).

func NewKey 

func NewKey(scope alicloudroscdkcore.Construct, id *string, props *KeyProps, enableResourcePropertyConstraint *bool) Key

Param scope - scope in which this resource is defined Param id - scoped id of the resource Param props - resource properties.

type KeyProps 

type KeyProps struct {
	// Property deletionProtection: Specifies whether to enable the release protection feature for the key.
	//
	// Default is false.
	DeletionProtection interface{} `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	// Property description: The description of the CMK.
	//
	// Length constraints: Minimum length of 0 characters. Maximum length of 8192 characters.
	Description interface{} `field:"optional" json:"description" yaml:"description"`
	// Property dkmsInstanceId: The ID of the dedicated KMS instance.
	DkmsInstanceId interface{} `field:"optional" json:"dkmsInstanceId" yaml:"dkmsInstanceId"`
	// Property enable: Specifies whether the key is enabled.
	//
	// Defaults to true.
	Enable interface{} `field:"optional" json:"enable" yaml:"enable"`
	// Property enableAutomaticRotation: Whether to enable automatic key rotation.
	//
	// Valid value: true\/false (default).
	EnableAutomaticRotation interface{} `field:"optional" json:"enableAutomaticRotation" yaml:"enableAutomaticRotation"`
	// Property keySpec: Key type.
	//
	// Valid value: Aliyun_AES_256\/Aliyun_SM4\/RSA_2048\/EC_P256\/EC_P256K\/EC_SM2.
	KeySpec interface{} `field:"optional" json:"keySpec" yaml:"keySpec"`
	// Property keyUsage: The usage of the CMK.
	//
	// Valid values:
	// ENCRYPT\/DECRYPT: encrypts or decrypts data.
	// SIGN\/VERIFY: generates or verifies a digital signature.
	// If the CMK supports signature verification, the default value is SIGN\/VERIFY. If the CMK does not support signature verification, the default value is ENCRYPT\/DECRYPT.
	KeyUsage interface{} `field:"optional" json:"keyUsage" yaml:"keyUsage"`
	// Property pendingWindowInDays: The waiting period, specified in number of days.
	//
	// During this period, you can cancel the CMK in PendingDeletion status. After the waiting period expires, you cannot cancel the deletion. The value must be between 7 and 366. Default value is 30.
	PendingWindowInDays interface{} `field:"optional" json:"pendingWindowInDays" yaml:"pendingWindowInDays"`
	// Property policy: The policy of key.
	Policy interface{} `field:"optional" json:"policy" yaml:"policy"`
	// Property protectionLevel: The protection level of the CMK to create.
	//
	// Valid value: SOFTWARE and HSM. When this parameter is set to HSM:
	// If the Origin parameter is set to Aliyun_KMS, the CMK is created in Managed HSM.
	// If the Origin parameter is set to EXTERNAL, you can import external keys to Managed HSM.
	ProtectionLevel interface{} `field:"optional" json:"protectionLevel" yaml:"protectionLevel"`
	// Property rotationInterval: The time period for automatic rotation.
	//
	// The format is integer[unit], where integer represents the length of time and unit represents the time unit. The legal unit units are: d (day), h (hour), m (minute), s (second). 7d or 604800s both represent a 7-day cycle. Value: 7~730 days.
	RotationInterval interface{} `field:"optional" json:"rotationInterval" yaml:"rotationInterval"`
}

Properties for defining a `Key`.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-key

type NetworkRule added in v1.3.0 

type NetworkRule interface {
	alicloudroscdkcore.Resource
	// Attribute Description: Description.
	AttrDescription() alicloudroscdkcore.IResolvable
	// Attribute SourcePrivateIp: VPC network whitelist.
	AttrSourcePrivateIp() alicloudroscdkcore.IResolvable
	EnableResourcePropertyConstraint() *bool
	SetEnableResourcePropertyConstraint(val *bool)
	Id() *string
	SetId(val *string)
	// The construct tree node associated with this construct.
	Node() alicloudroscdkcore.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the ROS resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by ROS
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	Props() *NetworkRuleProps
	SetProps(val *NetworkRuleProps)
	Ref() *string
	Resource() alicloudroscdkcore.RosResource
	SetResource(val alicloudroscdkcore.RosResource)
	Scope() alicloudroscdkcore.Construct
	SetScope(val alicloudroscdkcore.Construct)
	// The stack in which this resource is defined.
	Stack() alicloudroscdkcore.Stack
	AddCondition(condition alicloudroscdkcore.RosCondition)
	AddCount(count interface{})
	AddDependency(resource alicloudroscdkcore.Resource)
	AddResourceDesc(desc *string)
	ApplyRemovalPolicy(policy alicloudroscdkcore.RemovalPolicy)
	GeneratePhysicalName() *string
	GetAtt(name *string) alicloudroscdkcore.IResolvable
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	Prepare()
	SetMetadata(key *string, value interface{})
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	Synthesize(session alicloudroscdkcore.ISynthesisSession)
	// Returns a string representation of this construct.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	Validate() *[]*string
}

This class encapsulates and extends the ROS resource type `ALIYUN::KMS::NetworkRule`.

func NewNetworkRule added in v1.3.0 

func NewNetworkRule(scope alicloudroscdkcore.Construct, id *string, props *NetworkRuleProps, enableResourcePropertyConstraint *bool) NetworkRule

Param scope - scope in which this resource is defined Param id - scoped id of the resource Param props - resource properties.

type NetworkRuleProps added in v1.3.0 

type NetworkRuleProps struct {
	// Property networkRuleName: The name of the access control rule.
	NetworkRuleName interface{} `field:"required" json:"networkRuleName" yaml:"networkRuleName"`
	// Property description: The description of the network rule.
	Description interface{} `field:"optional" json:"description" yaml:"description"`
	// Property sourcePrivateIp: VPC network whitelist, The private IP address or private CIDR block, Supports binding up to 800 CIDR blocks or IP addresses.
	SourcePrivateIp interface{} `field:"optional" json:"sourcePrivateIp" yaml:"sourcePrivateIp"`
}

Properties for defining a `NetworkRule`.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-networkrule

type Policy added in v1.3.0 

type Policy interface {
	alicloudroscdkcore.Resource
	// Attribute AccessControlRules: Network Rules info.
	AttrAccessControlRules() alicloudroscdkcore.IResolvable
	// Attribute Description: Description.
	AttrDescription() alicloudroscdkcore.IResolvable
	// Attribute KmsInstanceId: The scope of the permission policy.
	//
	// You need to specify the KMS instance that you want to access.
	AttrKmsInstanceId() alicloudroscdkcore.IResolvable
	// Attribute Permissions: RbacPermission Template, support RbacPermission/Template/CryptoServiceKeyUser and RbacPermission/Template/CryptoServiceSecretUser.
	AttrPermissions() alicloudroscdkcore.IResolvable
	// Attribute PolicyName: The name of the permission policy.
	AttrPolicyName() alicloudroscdkcore.IResolvable
	// Attribute Resources: Resources that allowed access by this policy.
	AttrResources() alicloudroscdkcore.IResolvable
	EnableResourcePropertyConstraint() *bool
	SetEnableResourcePropertyConstraint(val *bool)
	Id() *string
	SetId(val *string)
	// The construct tree node associated with this construct.
	Node() alicloudroscdkcore.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the ROS resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by ROS
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	Props() *PolicyProps
	SetProps(val *PolicyProps)
	Ref() *string
	Resource() alicloudroscdkcore.RosResource
	SetResource(val alicloudroscdkcore.RosResource)
	Scope() alicloudroscdkcore.Construct
	SetScope(val alicloudroscdkcore.Construct)
	// The stack in which this resource is defined.
	Stack() alicloudroscdkcore.Stack
	AddCondition(condition alicloudroscdkcore.RosCondition)
	AddCount(count interface{})
	AddDependency(resource alicloudroscdkcore.Resource)
	AddResourceDesc(desc *string)
	ApplyRemovalPolicy(policy alicloudroscdkcore.RemovalPolicy)
	GeneratePhysicalName() *string
	GetAtt(name *string) alicloudroscdkcore.IResolvable
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	Prepare()
	SetMetadata(key *string, value interface{})
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	Synthesize(session alicloudroscdkcore.ISynthesisSession)
	// Returns a string representation of this construct.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	Validate() *[]*string
}

This class encapsulates and extends the ROS resource type `ALIYUN::KMS::Policy`.

func NewPolicy added in v1.3.0 

func NewPolicy(scope alicloudroscdkcore.Construct, id *string, props *PolicyProps, enableResourcePropertyConstraint *bool) Policy

Param scope - scope in which this resource is defined Param id - scoped id of the resource Param props - resource properties.

type PolicyProps added in v1.3.0 

type PolicyProps struct {
	// Property accessControlRules: Network Rules info.
	AccessControlRules interface{} `field:"required" json:"accessControlRules" yaml:"accessControlRules"`
	// Property kmsInstanceId: The scope of the permission policy.
	//
	// You need to specify the KMS instance that you want to access.
	KmsInstanceId interface{} `field:"required" json:"kmsInstanceId" yaml:"kmsInstanceId"`
	// Property permissions: The operations that can be performed.
	//
	// Valid values:
	// RbacPermission\/Template\/CryptoServiceKeyUser: allows you to perform cryptographic operations.
	// RbacPermission\/Template\/CryptoServiceSecretUser: allows you to perform secret-related operations.
	Permissions interface{} `field:"required" json:"permissions" yaml:"permissions"`
	// Property policyName: The name of the permission policy.
	PolicyName interface{} `field:"required" json:"policyName" yaml:"policyName"`
	// Property resources: The key and secret that are allowed to access.
	//
	// Supports a maximum of 30 key and secret.
	// Key: Enter a key in the key\/${KeyId} format. To allow access to all keys of a KMS instance, enter key\/*.
	// Secret: Enter a secret in the secret\/${SecretName} format. To allow access to all secrets of a KMS instance, enter secret\/*.
	Resources interface{} `field:"required" json:"resources" yaml:"resources"`
	// Property description: The description of the permission policy.
	Description interface{} `field:"optional" json:"description" yaml:"description"`
}

Properties for defining a `Policy`.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-policy

type RosAlias 

type RosAlias interface {
	alicloudroscdkcore.RosResource
	AliasName() interface{}
	SetAliasName(val interface{})
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aliyun:ros:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	EnableResourcePropertyConstraint() *bool
	SetEnableResourcePropertyConstraint(val *bool)
	KeyId() interface{}
	SetKeyId(val interface{})
	// The logical ID for this stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// The construct tree node associated with this construct.
	Node() alicloudroscdkcore.ConstructNode
	// Return a string that will be resolved to a RosTemplate `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// Options for this resource, such as condition, update policy etc.
	RosOptions() alicloudroscdkcore.IRosResourceOptions
	RosProperties() *map[string]interface{}
	// ROS resource type.
	RosResourceType() *string
	// The stack in which this element is defined.
	//
	// RosElements must be defined within a stack scope (directly or indirectly).
	Stack() alicloudroscdkcore.Stack
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	AddCondition(con alicloudroscdkcore.RosCondition)
	AddCount(count interface{})
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependsOn(target alicloudroscdkcore.RosResource)
	AddDesc(desc *string)
	AddMetaData(key *string, value interface{})
	// Adds an override to the synthesized ROS resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// For example,
	// “`typescript
	// addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute'])
	// addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE')
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	AddRosDependency(target *string)
	// Sets the deletion policy of the resource based on the removal policy specified.
	ApplyRemovalPolicy(policy alicloudroscdkcore.RemovalPolicy, options *alicloudroscdkcore.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string) alicloudroscdkcore.Reference
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	Synthesize(session alicloudroscdkcore.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

This class is a base encapsulation around the ROS resource type `ALIYUN::KMS::Alias`, which is used to create an alias for a Customer Master Key (CMK).

func NewRosAlias 

func NewRosAlias(scope alicloudroscdkcore.Construct, id *string, props *RosAliasProps, enableResourcePropertyConstraint *bool) RosAlias

type RosAliasProps 

type RosAliasProps struct {
	AliasName interface{} `field:"required" json:"aliasName" yaml:"aliasName"`
	KeyId     interface{} `field:"required" json:"keyId" yaml:"keyId"`
}

Properties for defining a `RosAlias`.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-alias

type RosInstance 

type RosInstance interface {
	alicloudroscdkcore.RosResource
	AttrInstanceId() alicloudroscdkcore.IResolvable
	Connection() interface{}
	SetConnection(val interface{})
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aliyun:ros:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	EnableResourcePropertyConstraint() *bool
	SetEnableResourcePropertyConstraint(val *bool)
	InstanceChargeType() interface{}
	SetInstanceChargeType(val interface{})
	KeyNum() interface{}
	SetKeyNum(val interface{})
	Log() interface{}
	SetLog(val interface{})
	// The logical ID for this stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	LogStorage() interface{}
	SetLogStorage(val interface{})
	// The construct tree node associated with this construct.
	Node() alicloudroscdkcore.ConstructNode
	Period() interface{}
	SetPeriod(val interface{})
	PeriodUnit() interface{}
	SetPeriodUnit(val interface{})
	ProductVersion() interface{}
	SetProductVersion(val interface{})
	// Return a string that will be resolved to a RosTemplate `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	RenewPeriod() interface{}
	SetRenewPeriod(val interface{})
	RenewStatus() interface{}
	SetRenewStatus(val interface{})
	// Options for this resource, such as condition, update policy etc.
	RosOptions() alicloudroscdkcore.IRosResourceOptions
	RosProperties() *map[string]interface{}
	// ROS resource type.
	RosResourceType() *string
	SecretNum() interface{}
	SetSecretNum(val interface{})
	Spec() interface{}
	SetSpec(val interface{})
	// The stack in which this element is defined.
	//
	// RosElements must be defined within a stack scope (directly or indirectly).
	Stack() alicloudroscdkcore.Stack
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	VpcNum() interface{}
	SetVpcNum(val interface{})
	AddCondition(con alicloudroscdkcore.RosCondition)
	AddCount(count interface{})
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependsOn(target alicloudroscdkcore.RosResource)
	AddDesc(desc *string)
	AddMetaData(key *string, value interface{})
	// Adds an override to the synthesized ROS resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// For example,
	// “`typescript
	// addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute'])
	// addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE')
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	AddRosDependency(target *string)
	// Sets the deletion policy of the resource based on the removal policy specified.
	ApplyRemovalPolicy(policy alicloudroscdkcore.RemovalPolicy, options *alicloudroscdkcore.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string) alicloudroscdkcore.Reference
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	Synthesize(session alicloudroscdkcore.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

This class is a base encapsulation around the ROS resource type `ALIYUN::KMS::Instance`, which is used to create a Key Management Service (KMS) instance.

func NewRosInstance 

func NewRosInstance(scope alicloudroscdkcore.Construct, id *string, props *RosInstanceProps, enableResourcePropertyConstraint *bool) RosInstance

type RosInstanceProps 

type RosInstanceProps struct {
	ProductVersion     interface{} `field:"required" json:"productVersion" yaml:"productVersion"`
	Connection         interface{} `field:"optional" json:"connection" yaml:"connection"`
	InstanceChargeType interface{} `field:"optional" json:"instanceChargeType" yaml:"instanceChargeType"`
	KeyNum             interface{} `field:"optional" json:"keyNum" yaml:"keyNum"`
	Log                interface{} `field:"optional" json:"log" yaml:"log"`
	LogStorage         interface{} `field:"optional" json:"logStorage" yaml:"logStorage"`
	Period             interface{} `field:"optional" json:"period" yaml:"period"`
	PeriodUnit         interface{} `field:"optional" json:"periodUnit" yaml:"periodUnit"`
	RenewPeriod        interface{} `field:"optional" json:"renewPeriod" yaml:"renewPeriod"`
	RenewStatus        interface{} `field:"optional" json:"renewStatus" yaml:"renewStatus"`
	SecretNum          interface{} `field:"optional" json:"secretNum" yaml:"secretNum"`
	Spec               interface{} `field:"optional" json:"spec" yaml:"spec"`
	VpcNum             interface{} `field:"optional" json:"vpcNum" yaml:"vpcNum"`
}

Properties for defining a `RosInstance`.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-instance

type RosInstance_ConnectionProperty 

type RosInstance_ConnectionProperty struct {
	VpcId      interface{} `field:"required" json:"vpcId" yaml:"vpcId"`
	VSwitchIds interface{} `field:"required" json:"vSwitchIds" yaml:"vSwitchIds"`
	ZoneIds    interface{} `field:"required" json:"zoneIds" yaml:"zoneIds"`
}

type RosKey 

type RosKey interface {
	alicloudroscdkcore.RosResource
	AttrKeyId() alicloudroscdkcore.IResolvable
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aliyun:ros:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	DeletionProtection() interface{}
	SetDeletionProtection(val interface{})
	Description() interface{}
	SetDescription(val interface{})
	DkmsInstanceId() interface{}
	SetDkmsInstanceId(val interface{})
	Enable() interface{}
	SetEnable(val interface{})
	EnableAutomaticRotation() interface{}
	SetEnableAutomaticRotation(val interface{})
	EnableResourcePropertyConstraint() *bool
	SetEnableResourcePropertyConstraint(val *bool)
	KeySpec() interface{}
	SetKeySpec(val interface{})
	KeyUsage() interface{}
	SetKeyUsage(val interface{})
	// The logical ID for this stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// The construct tree node associated with this construct.
	Node() alicloudroscdkcore.ConstructNode
	PendingWindowInDays() interface{}
	SetPendingWindowInDays(val interface{})
	Policy() interface{}
	SetPolicy(val interface{})
	ProtectionLevel() interface{}
	SetProtectionLevel(val interface{})
	// Return a string that will be resolved to a RosTemplate `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// Options for this resource, such as condition, update policy etc.
	RosOptions() alicloudroscdkcore.IRosResourceOptions
	RosProperties() *map[string]interface{}
	// ROS resource type.
	RosResourceType() *string
	RotationInterval() interface{}
	SetRotationInterval(val interface{})
	// The stack in which this element is defined.
	//
	// RosElements must be defined within a stack scope (directly or indirectly).
	Stack() alicloudroscdkcore.Stack
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	AddCondition(con alicloudroscdkcore.RosCondition)
	AddCount(count interface{})
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependsOn(target alicloudroscdkcore.RosResource)
	AddDesc(desc *string)
	AddMetaData(key *string, value interface{})
	// Adds an override to the synthesized ROS resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// For example,
	// “`typescript
	// addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute'])
	// addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE')
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	AddRosDependency(target *string)
	// Sets the deletion policy of the resource based on the removal policy specified.
	ApplyRemovalPolicy(policy alicloudroscdkcore.RemovalPolicy, options *alicloudroscdkcore.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string) alicloudroscdkcore.Reference
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	Synthesize(session alicloudroscdkcore.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

This class is a base encapsulation around the ROS resource type `ALIYUN::KMS::Key`, which is used to create a customer master key (CMK).

func NewRosKey 

func NewRosKey(scope alicloudroscdkcore.Construct, id *string, props *RosKeyProps, enableResourcePropertyConstraint *bool) RosKey

type RosKeyProps 

type RosKeyProps struct {
	DeletionProtection      interface{} `field:"optional" json:"deletionProtection" yaml:"deletionProtection"`
	Description             interface{} `field:"optional" json:"description" yaml:"description"`
	DkmsInstanceId          interface{} `field:"optional" json:"dkmsInstanceId" yaml:"dkmsInstanceId"`
	Enable                  interface{} `field:"optional" json:"enable" yaml:"enable"`
	EnableAutomaticRotation interface{} `field:"optional" json:"enableAutomaticRotation" yaml:"enableAutomaticRotation"`
	KeySpec                 interface{} `field:"optional" json:"keySpec" yaml:"keySpec"`
	KeyUsage                interface{} `field:"optional" json:"keyUsage" yaml:"keyUsage"`
	PendingWindowInDays     interface{} `field:"optional" json:"pendingWindowInDays" yaml:"pendingWindowInDays"`
	Policy                  interface{} `field:"optional" json:"policy" yaml:"policy"`
	ProtectionLevel         interface{} `field:"optional" json:"protectionLevel" yaml:"protectionLevel"`
	RotationInterval        interface{} `field:"optional" json:"rotationInterval" yaml:"rotationInterval"`
}

Properties for defining a `RosKey`.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-key

type RosNetworkRule added in v1.3.0 

type RosNetworkRule interface {
	alicloudroscdkcore.RosResource
	AttrDescription() alicloudroscdkcore.IResolvable
	AttrSourcePrivateIp() alicloudroscdkcore.IResolvable
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aliyun:ros:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	Description() interface{}
	SetDescription(val interface{})
	EnableResourcePropertyConstraint() *bool
	SetEnableResourcePropertyConstraint(val *bool)
	// The logical ID for this stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	NetworkRuleName() interface{}
	SetNetworkRuleName(val interface{})
	// The construct tree node associated with this construct.
	Node() alicloudroscdkcore.ConstructNode
	// Return a string that will be resolved to a RosTemplate `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// Options for this resource, such as condition, update policy etc.
	RosOptions() alicloudroscdkcore.IRosResourceOptions
	RosProperties() *map[string]interface{}
	// ROS resource type.
	RosResourceType() *string
	SourcePrivateIp() interface{}
	SetSourcePrivateIp(val interface{})
	// The stack in which this element is defined.
	//
	// RosElements must be defined within a stack scope (directly or indirectly).
	Stack() alicloudroscdkcore.Stack
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	AddCondition(con alicloudroscdkcore.RosCondition)
	AddCount(count interface{})
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependsOn(target alicloudroscdkcore.RosResource)
	AddDesc(desc *string)
	AddMetaData(key *string, value interface{})
	// Adds an override to the synthesized ROS resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// For example,
	// “`typescript
	// addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute'])
	// addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE')
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	AddRosDependency(target *string)
	// Sets the deletion policy of the resource based on the removal policy specified.
	ApplyRemovalPolicy(policy alicloudroscdkcore.RemovalPolicy, options *alicloudroscdkcore.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string) alicloudroscdkcore.Reference
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	Synthesize(session alicloudroscdkcore.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

This class is a base encapsulation around the ROS resource type `ALIYUN::KMS::NetworkRule`.

func NewRosNetworkRule added in v1.3.0 

func NewRosNetworkRule(scope alicloudroscdkcore.Construct, id *string, props *RosNetworkRuleProps, enableResourcePropertyConstraint *bool) RosNetworkRule

type RosNetworkRuleProps added in v1.3.0 

type RosNetworkRuleProps struct {
	NetworkRuleName interface{} `field:"required" json:"networkRuleName" yaml:"networkRuleName"`
	Description     interface{} `field:"optional" json:"description" yaml:"description"`
	SourcePrivateIp interface{} `field:"optional" json:"sourcePrivateIp" yaml:"sourcePrivateIp"`
}

Properties for defining a `RosNetworkRule`.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-networkrule

type RosPolicy added in v1.3.0 

type RosPolicy interface {
	alicloudroscdkcore.RosResource
	AccessControlRules() interface{}
	SetAccessControlRules(val interface{})
	AttrAccessControlRules() alicloudroscdkcore.IResolvable
	AttrDescription() alicloudroscdkcore.IResolvable
	AttrKmsInstanceId() alicloudroscdkcore.IResolvable
	AttrPermissions() alicloudroscdkcore.IResolvable
	AttrPolicyName() alicloudroscdkcore.IResolvable
	AttrResources() alicloudroscdkcore.IResolvable
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aliyun:ros:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	Description() interface{}
	SetDescription(val interface{})
	EnableResourcePropertyConstraint() *bool
	SetEnableResourcePropertyConstraint(val *bool)
	KmsInstanceId() interface{}
	SetKmsInstanceId(val interface{})
	// The logical ID for this stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// The construct tree node associated with this construct.
	Node() alicloudroscdkcore.ConstructNode
	Permissions() interface{}
	SetPermissions(val interface{})
	PolicyName() interface{}
	SetPolicyName(val interface{})
	// Return a string that will be resolved to a RosTemplate `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	Resources() interface{}
	SetResources(val interface{})
	// Options for this resource, such as condition, update policy etc.
	RosOptions() alicloudroscdkcore.IRosResourceOptions
	RosProperties() *map[string]interface{}
	// ROS resource type.
	RosResourceType() *string
	// The stack in which this element is defined.
	//
	// RosElements must be defined within a stack scope (directly or indirectly).
	Stack() alicloudroscdkcore.Stack
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	AddCondition(con alicloudroscdkcore.RosCondition)
	AddCount(count interface{})
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependsOn(target alicloudroscdkcore.RosResource)
	AddDesc(desc *string)
	AddMetaData(key *string, value interface{})
	// Adds an override to the synthesized ROS resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// For example,
	// “`typescript
	// addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute'])
	// addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE')
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	AddRosDependency(target *string)
	// Sets the deletion policy of the resource based on the removal policy specified.
	ApplyRemovalPolicy(policy alicloudroscdkcore.RemovalPolicy, options *alicloudroscdkcore.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string) alicloudroscdkcore.Reference
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	Synthesize(session alicloudroscdkcore.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

This class is a base encapsulation around the ROS resource type `ALIYUN::KMS::Policy`.

func NewRosPolicy added in v1.3.0 

func NewRosPolicy(scope alicloudroscdkcore.Construct, id *string, props *RosPolicyProps, enableResourcePropertyConstraint *bool) RosPolicy

type RosPolicyProps added in v1.3.0 

type RosPolicyProps struct {
	AccessControlRules interface{} `field:"required" json:"accessControlRules" yaml:"accessControlRules"`
	KmsInstanceId      interface{} `field:"required" json:"kmsInstanceId" yaml:"kmsInstanceId"`
	Permissions        interface{} `field:"required" json:"permissions" yaml:"permissions"`
	PolicyName         interface{} `field:"required" json:"policyName" yaml:"policyName"`
	Resources          interface{} `field:"required" json:"resources" yaml:"resources"`
	Description        interface{} `field:"optional" json:"description" yaml:"description"`
}

Properties for defining a `RosPolicy`.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-policy

type RosPolicy_AccessControlRulesProperty added in v1.3.0 

type RosPolicy_AccessControlRulesProperty struct {
	NetworkRules interface{} `field:"required" json:"networkRules" yaml:"networkRules"`
}

type RosSecret 

type RosSecret interface {
	alicloudroscdkcore.RosResource
	AttrArn() alicloudroscdkcore.IResolvable
	AttrSecretName() alicloudroscdkcore.IResolvable
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aliyun:ros:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	Description() interface{}
	SetDescription(val interface{})
	DkmsInstanceId() interface{}
	SetDkmsInstanceId(val interface{})
	EnableAutomaticRotation() interface{}
	SetEnableAutomaticRotation(val interface{})
	EnableResourcePropertyConstraint() *bool
	SetEnableResourcePropertyConstraint(val *bool)
	EncryptionKeyId() interface{}
	SetEncryptionKeyId(val interface{})
	ExtendedConfig() interface{}
	SetExtendedConfig(val interface{})
	ForceDeleteWithoutRecovery() interface{}
	SetForceDeleteWithoutRecovery(val interface{})
	// The logical ID for this stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// The construct tree node associated with this construct.
	Node() alicloudroscdkcore.ConstructNode
	RecoveryWindowInDays() interface{}
	SetRecoveryWindowInDays(val interface{})
	// Return a string that will be resolved to a RosTemplate `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// Options for this resource, such as condition, update policy etc.
	RosOptions() alicloudroscdkcore.IRosResourceOptions
	RosProperties() *map[string]interface{}
	// ROS resource type.
	RosResourceType() *string
	RotationInterval() interface{}
	SetRotationInterval(val interface{})
	SecretData() interface{}
	SetSecretData(val interface{})
	SecretDataType() interface{}
	SetSecretDataType(val interface{})
	SecretName() interface{}
	SetSecretName(val interface{})
	SecretType() interface{}
	SetSecretType(val interface{})
	// The stack in which this element is defined.
	//
	// RosElements must be defined within a stack scope (directly or indirectly).
	Stack() alicloudroscdkcore.Stack
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	VersionId() interface{}
	SetVersionId(val interface{})
	VersionStages() interface{}
	SetVersionStages(val interface{})
	AddCondition(con alicloudroscdkcore.RosCondition)
	AddCount(count interface{})
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependsOn(target alicloudroscdkcore.RosResource)
	AddDesc(desc *string)
	AddMetaData(key *string, value interface{})
	// Adds an override to the synthesized ROS resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// For example,
	// “`typescript
	// addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute'])
	// addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE')
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//    "GlobalSecondaryIndexes": [
	//      {
	//        "Projection": {
	//          "NonKeyAttributes": [ "myattribute" ]
	//          ...
	//        }
	//        ...
	//      },
	//      {
	//        "ProjectionType": "INCLUDE"
	//        ...
	//      },
	//    ]
	//    ...
	// }
	// “`.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	AddRosDependency(target *string)
	// Sets the deletion policy of the resource based on the removal policy specified.
	ApplyRemovalPolicy(policy alicloudroscdkcore.RemovalPolicy, options *alicloudroscdkcore.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string) alicloudroscdkcore.Reference
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	OnValidate() *[]*string
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	Synthesize(session alicloudroscdkcore.ISynthesisSession)
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

This class is a base encapsulation around the ROS resource type `ALIYUN::KMS::Secret`, which is used to create a secret and store the initial version of the secret.

func NewRosSecret 

func NewRosSecret(scope alicloudroscdkcore.Construct, id *string, props *RosSecretProps, enableResourcePropertyConstraint *bool) RosSecret

type RosSecretProps 

type RosSecretProps struct {
	SecretData                 interface{} `field:"required" json:"secretData" yaml:"secretData"`
	SecretName                 interface{} `field:"required" json:"secretName" yaml:"secretName"`
	VersionId                  interface{} `field:"required" json:"versionId" yaml:"versionId"`
	Description                interface{} `field:"optional" json:"description" yaml:"description"`
	DkmsInstanceId             interface{} `field:"optional" json:"dkmsInstanceId" yaml:"dkmsInstanceId"`
	EnableAutomaticRotation    interface{} `field:"optional" json:"enableAutomaticRotation" yaml:"enableAutomaticRotation"`
	EncryptionKeyId            interface{} `field:"optional" json:"encryptionKeyId" yaml:"encryptionKeyId"`
	ExtendedConfig             interface{} `field:"optional" json:"extendedConfig" yaml:"extendedConfig"`
	ForceDeleteWithoutRecovery interface{} `field:"optional" json:"forceDeleteWithoutRecovery" yaml:"forceDeleteWithoutRecovery"`
	RecoveryWindowInDays       interface{} `field:"optional" json:"recoveryWindowInDays" yaml:"recoveryWindowInDays"`
	RotationInterval           interface{} `field:"optional" json:"rotationInterval" yaml:"rotationInterval"`
	SecretDataType             interface{} `field:"optional" json:"secretDataType" yaml:"secretDataType"`
	SecretType                 interface{} `field:"optional" json:"secretType" yaml:"secretType"`
	VersionStages              interface{} `field:"optional" json:"versionStages" yaml:"versionStages"`
}

Properties for defining a `RosSecret`.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-secret

type Secret 

type Secret interface {
	alicloudroscdkcore.Resource
	// Attribute Arn: The Alibaba Cloud Resource Name (ARN).
	AttrArn() alicloudroscdkcore.IResolvable
	// Attribute SecretName: The name of the secret.
	AttrSecretName() alicloudroscdkcore.IResolvable
	EnableResourcePropertyConstraint() *bool
	SetEnableResourcePropertyConstraint(val *bool)
	Id() *string
	SetId(val *string)
	// The construct tree node associated with this construct.
	Node() alicloudroscdkcore.ConstructNode
	// Returns a string-encoded token that resolves to the physical name that should be passed to the ROS resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by ROS
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	// Experimental.
	PhysicalName() *string
	Props() *SecretProps
	SetProps(val *SecretProps)
	Ref() *string
	Resource() alicloudroscdkcore.RosResource
	SetResource(val alicloudroscdkcore.RosResource)
	Scope() alicloudroscdkcore.Construct
	SetScope(val alicloudroscdkcore.Construct)
	// The stack in which this resource is defined.
	Stack() alicloudroscdkcore.Stack
	AddCondition(condition alicloudroscdkcore.RosCondition)
	AddCount(count interface{})
	AddDependency(resource alicloudroscdkcore.Resource)
	AddResourceDesc(desc *string)
	ApplyRemovalPolicy(policy alicloudroscdkcore.RemovalPolicy)
	GeneratePhysicalName() *string
	GetAtt(name *string) alicloudroscdkcore.IResolvable
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	OnPrepare()
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	OnSynthesize(session constructs.ISynthesisSession)
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	OnValidate() *[]*string
	// Perform final modifications before synthesis.
	//
	// This method can be implemented by derived constructs in order to perform
	// final changes before synthesis. prepare() will be called after child
	// constructs have been prepared.
	//
	// This is an advanced framework feature. Only use this if you
	// understand the implications.
	Prepare()
	SetMetadata(key *string, value interface{})
	// Allows this construct to emit artifacts into the cloud assembly during synthesis.
	//
	// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
	// as they participate in synthesizing the cloud assembly.
	Synthesize(session alicloudroscdkcore.ISynthesisSession)
	// Returns a string representation of this construct.
	ToString() *string
	// Validate the current construct.
	//
	// This method can be implemented by derived constructs in order to perform
	// validation logic. It is called on all constructs before synthesis.
	//
	// Returns: An array of validation error messages, or an empty array if the construct is valid.
	Validate() *[]*string
}

This class encapsulates and extends the ROS resource type `ALIYUN::KMS::Secret`, which is used to create a secret and store the initial version of the secret.

func NewSecret 

func NewSecret(scope alicloudroscdkcore.Construct, id *string, props *SecretProps, enableResourcePropertyConstraint *bool) Secret

Param scope - scope in which this resource is defined Param id - scoped id of the resource Param props - resource properties.

type SecretProps 

type SecretProps struct {
	// Property secretData: The value of the secret that you want to create.
	//
	// Secrets Manager encrypts the secret
	// value and stores it in the initial version.
	SecretData interface{} `field:"required" json:"secretData" yaml:"secretData"`
	// Property secretName: The name of the secret.
	SecretName interface{} `field:"required" json:"secretName" yaml:"secretName"`
	// Property versionId: The version number of the initial version.
	//
	// Version numbers are unique in each secret
	// object.
	VersionId interface{} `field:"required" json:"versionId" yaml:"versionId"`
	// Property description: The description of the secret.
	Description interface{} `field:"optional" json:"description" yaml:"description"`
	// Property dkmsInstanceId: The ID of the dedicated KMS instance.
	DkmsInstanceId interface{} `field:"optional" json:"dkmsInstanceId" yaml:"dkmsInstanceId"`
	// Property enableAutomaticRotation: Specifies whether to enable automatic rotation.
	//
	// Valid values:
	// true: specifies to enable automatic rotation.
	// false: specifies to disable automatic rotation. This is the default value.
	EnableAutomaticRotation interface{} `field:"optional" json:"enableAutomaticRotation" yaml:"enableAutomaticRotation"`
	// Property encryptionKeyId: The ID of the KMS CMK that is used to encrypt the secret value.
	//
	// If you do not specify this parameter, Secrets Manager automatically creates an encryption
	// key to encrypt the secret.
	// Note The KMS CMK must be a symmetric key.
	EncryptionKeyId interface{} `field:"optional" json:"encryptionKeyId" yaml:"encryptionKeyId"`
	// Property extendedConfig: The extended configuration of the secret.
	//
	// This parameter specifies the properties of the secret of the specific type.
	ExtendedConfig interface{} `field:"optional" json:"extendedConfig" yaml:"extendedConfig"`
	// Property forceDeleteWithoutRecovery: Specifies whether to forcibly delete the secret.
	//
	// If this parameter is set to true, the secret cannot be recovered. Valid values:
	// true
	// false (default value).
	ForceDeleteWithoutRecovery interface{} `field:"optional" json:"forceDeleteWithoutRecovery" yaml:"forceDeleteWithoutRecovery"`
	// Property recoveryWindowInDays: Specifies the recovery period of the secret if you do not forcibly delete it.
	//
	// Default value: 30.
	RecoveryWindowInDays interface{} `field:"optional" json:"recoveryWindowInDays" yaml:"recoveryWindowInDays"`
	// Property rotationInterval: The interval for automatic rotation.
	//
	// Valid values: 6 hours to 8,760 hours (365 days).
	// The value is in the integer[unit] format.
	// The unit can be d (day), h (hour), m (minute), or s (second). For example, both 7d and 604800s indicate a seven-day interval.
	RotationInterval interface{} `field:"optional" json:"rotationInterval" yaml:"rotationInterval"`
	// Property secretDataType: The type of the secret value.
	//
	// Valid values:
	// text (default value)
	// binary.
	SecretDataType interface{} `field:"optional" json:"secretDataType" yaml:"secretDataType"`
	// Property secretType: The type of the secret.
	//
	// Valid values:
	// Generic: specifies a generic secret.
	// Rds: specifies a managed ApsaraDB RDS secret.
	// RAMCredentials: specifies a managed RAM secret.
	// ECS: specifies a managed ECS secret.
	SecretType interface{} `field:"optional" json:"secretType" yaml:"secretType"`
	// Property versionStages: The stage labels that mark the secret version.
	//
	// ACSCurrent will be marked as DefaultIf you do not specify it, Secrets Manager marks it with "ACSCurrent".
	VersionStages interface{} `field:"optional" json:"versionStages" yaml:"versionStages"`
}

Properties for defining a `Secret`.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-secret

Source Files

View all Source files

Directories

Path Synopsis
internal
Package jsii contains the functionaility needed for jsii packages to initialize their dependencies and themselves.
 Package jsii contains the functionaility needed for jsii packages to initialize their dependencies and themselves.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.