Class: Aws::SecretsManager::Types::RotationRulesType

Inherits:
Struct
  • Object
show all
Includes:
Aws::Structure
Defined in:
lib/aws-sdk-secretsmanager/types.rb

Overview

Note:

When making an API call, you may pass RotationRulesType data as a hash:

{
  automatically_after_days: 1,
  duration: "DurationType",
  schedule_expression: "ScheduleExpressionType",
}

A structure that defines the rotation configuration for the secret.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#automatically_after_daysInteger

The number of days between automatic scheduled rotations of the secret. You can use this value to check that your secret meets your compliance guidelines for how often secrets must be rotated.

In `DescribeSecret` and `ListSecrets`, this value is calculated from the rotation schedule after every successful rotation. In `RotateSecret`, you can set the rotation schedule in `RotationRules` with `AutomaticallyAfterDays` or `ScheduleExpression`, but not both. To set a rotation schedule in hours, use `ScheduleExpression`.

Returns:

  • (Integer)

1878
1879
1880
1881
1882
1883
1884
# File 'lib/aws-sdk-secretsmanager/types.rb', line 1878

class RotationRulesType < Struct.new(
  :automatically_after_days,
  :duration,
  :schedule_expression)
  SENSITIVE = []
  include Aws::Structure
end

#durationString

The length of the rotation window in hours, for example `3h` for a three hour window. Secrets Manager rotates your secret at any time during this window. The window must not extend into the next rotation window or the next UTC day. The window starts according to the `ScheduleExpression`. If you don't specify a `Duration`, for a `ScheduleExpression` in hours, the window automatically closes after one hour. For a `ScheduleExpression` in days, the window automatically closes at the end of the UTC day. For more information, including examples, see [Schedule expressions in Secrets Manager rotation] in the *Secrets Manager Users Guide*.

[1]: docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html

Returns:

  • (String)

1878
1879
1880
1881
1882
1883
1884
# File 'lib/aws-sdk-secretsmanager/types.rb', line 1878

class RotationRulesType < Struct.new(
  :automatically_after_days,
  :duration,
  :schedule_expression)
  SENSITIVE = []
  include Aws::Structure
end

#schedule_expressionString

A `cron()` or `rate()` expression that defines the schedule for rotating your secret. Secrets Manager rotation schedules use UTC time zone. Secrets Manager rotates your secret any time during a rotation window.

Secrets Manager `rate()` expressions represent the interval in hours or days that you want to rotate your secret, for example `rate(12 hours)` or `rate(10 days)`. You can rotate a secret as often as every four hours. If you use a `rate()` expression, the rotation window starts at midnight. For a rate in hours, the default rotation window closes after one hour. For a rate in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.

You can use a `cron()` expression to create a rotation schedule that is more detailed than a rotation interval. For more information, including examples, see [Schedule expressions in Secrets Manager rotation] in the *Secrets Manager Users Guide*. For a cron expression that represents a schedule in hours, the default rotation window closes after one hour. For a cron expression that represents a schedule in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.

[1]: docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html

Returns:

  • (String)

1878
1879
1880
1881
1882
1883
1884
# File 'lib/aws-sdk-secretsmanager/types.rb', line 1878

class RotationRulesType < Struct.new(
  :automatically_after_days,
  :duration,
  :schedule_expression)
  SENSITIVE = []
  include Aws::Structure
end