AWS::SecretsManager::RotationScheduleSecretsManager RotationSchedule
Resource Type definition for AWS::SecretsManager::RotationSchedule
Properties
7 configurable properties. 1 required. Click a row to see details.
Filter:
| Property | Type | Flags |
|---|---|---|
SecretId | string | RequiredCreate-only |
ExternalSecretRotationMetadata | Array<ExternalSecretRotationMetadataItem> | |
ExternalSecretRotationRoleArn | string | |
HostedRotationLambda | HostedRotationLambda | Write-only |
RotateImmediatelyOnUpdate | boolean | Write-only |
RotationLambdaARN | string | |
RotationRules | RotationRules |
Return Values
Values returned after the resource is created. Access these with Fn::GetAtt.
| Attribute | Type | Description |
|---|---|---|
Id | string | The ARN of the secret. |
Sample CloudFormation Template
A minimal template with required properties and common optional ones.
template.yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::SecretsManager::RotationSchedule
Resources:
MyResource:
Type: AWS::SecretsManager::RotationSchedule
Properties:
SecretId: "my-secretid"Required IAM Permissions
Permissions CloudFormation needs in your IAM role to manage this resource.
read
secretsmanager:DescribeSecretcreate
secretsmanager:RotateSecretsecretsmanager:DescribeSecretlambda:InvokeFunctioniam:PassRoleupdate
secretsmanager:RotateSecretsecretsmanager:DescribeSecretlambda:InvokeFunctioniam:PassRolelist
secretsmanager:DescribeSecretsecretsmanager:ListSecretsdelete
secretsmanager:CancelRotateSecretsecretsmanager:DescribeSecretLearn AWS the Practical Way
Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.
Subscribe to NewsletterQuick Facts
ServiceSecretsManager
Properties8
Required1
TaggingNot supported
Primary ID
IdSupported Operations
ReadCreateUpdateListDelete
Immutable After Creation
These properties cannot be changed after the resource is created. Updating them triggers a replacement.
SecretId