A list of Regions and KMS keys to replicate secrets.

BinarySecretRef points to the Kubernetes Secret whose data will be encoded as binary data to AWS. If key parameter is given, only the value of that key will be used. Otherwise, all data in the Secret will be marshalled into JSON and sent to AWS.

KMSKeyIDRef is a reference to an kms/v1alpha1.Key used to set the KMSKeyID field.

KMSKeyIDSelector selects references to kms/v1alpha1.Key used to set the KMSKeyID.

StringSecretRef points to the Kubernetes Secret whose data will be sent as string to AWS. If key parameter is given, only the value of that key will be used. Otherwise, all data in the Secret will be marshalled into JSON and sent to AWS.

A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example: [{"Key":"CostCenter","Value":"12345"},{"Key":"environment","Value":"production"}] Secrets Manager tag key names are case sensitive. A tag with the key "ABC" is a different tag from one with key "abc". If you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an Access Denied error. For more information, see Control access to secrets using tags (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and Limit access to identities with tags that match secrets' tags (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2). For information about how to format a JSON parameter for the various command line tool environments, see Using JSON for Parameters (https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json). If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text. The following restrictions apply to tags:

• Maximum number of tags per secret: 50
• Maximum key length: 127 Unicode characters in UTF-8
• Maximum value length: 255 Unicode characters in UTF-8
• Tag keys and values are case sensitive.
• Do not use the aws: prefix in your tag names or values because Amazon Web Services reserves it for Amazon Web Services use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.
• If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @.

Policies for referencing.

Policies for referencing.

SecretStoreConfigRef specifies which secret store config should be used for this ConnectionSecret.

Metadata is the metadata for connection secret.

A list of the replicas of this secret and their status:

• Failed, which indicates that the replica was not created.
• InProgress, which indicates that Secrets Manager is in the process of creating the replica.
• InSync, which indicates that the replica was created.