AWS::SecretsManager::RotationSchedule ko

matteoredaelli · December 14, 2021, 9:36pm

I’m trying to implement aws secrets rotation using the serverless framework (Adding hosted secrets rotation Lambda to an RDS stack | Alex Harvey)

  AppGraphqDbAppsSecretRotationSchedule:
    Type: AWS::SecretsManager::RotationSchedule
    Properties:
      SecretId: !Ref AppGraphqlDbAppsSecretsManagerSecret
      HostedRotationLambda:
        RotationType: PostgreSQLSingleUser
      RotationRules:
        AutomaticallyAfterDays: 30

But I get the error

 To use the HostedRotationLambda property, you must use the AWS::SecretsManager transform.

Probably I need to add “Transform: AWS::SecretsManager-2020-07-23” somewhere: where?

Below a working Aws Cloudformation template

AWSTemplateFormatVersion: 2010-09-09
Description: Rotation Lambda example stack
Transform: AWS::SecretsManager-2020-07-23

Parameters: {}

Resources:

Topic		Replies	Views
Core encryption key management framework for serverless Serverless Framework	2	2083	March 18, 2018
iamRoleStatements not created to access Secrets Manager from Lambda Serverless Framework aws , lambda	2	6745	December 31, 2019
Resolving the provider.role from Secret manager Serverless Framework cloudformation	0	1902	October 19, 2020
How to Add iamRoleStatements to S3 Trigger Bucket Serverless Framework aws	3	11638	September 7, 2017
CloudFormation - CREATE_FAILED while using existing s3 bucket without `iam:CreateRole` Serverless Framework aws , lambda , security , cloudformation , iam	3	2511	August 3, 2023

AWS::SecretsManager::RotationSchedule ko

Related Topics