Class SecretStringGenerator
Configuration to generate secrets such as passwords automatically.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.SecretsManager
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class SecretStringGenerator : Object, ISecretStringGenerator
Syntax (vb)
Public Class SecretStringGenerator
Inherits Object
Implements ISecretStringGenerator
Remarks
ExampleMetadata: infused
Examples
IVpc vpc;
var instance1 = new DatabaseInstance(this, "PostgresInstance1", new DatabaseInstanceProps {
Engine = DatabaseInstanceEngine.POSTGRES,
// Generate the secret with admin username `postgres` and random password
Credentials = Credentials.FromGeneratedSecret("postgres"),
Vpc = vpc
});
// Templated secret with username and password fields
var templatedSecret = new Secret(this, "TemplatedSecret", new SecretProps {
GenerateSecretString = new SecretStringGenerator {
SecretStringTemplate = JSON.Stringify(new Dictionary<string, string> { { "username", "postgres" } }),
GenerateStringKey = "password",
ExcludeCharacters = "/@\""
}
});
// Using the templated secret as credentials
var instance2 = new DatabaseInstance(this, "PostgresInstance2", new DatabaseInstanceProps {
Engine = DatabaseInstanceEngine.POSTGRES,
Credentials = new Dictionary<string, object> {
{ "username", templatedSecret.SecretValueFromJson("username").ToString() },
{ "password", templatedSecret.SecretValueFromJson("password") }
},
Vpc = vpc
});
Synopsis
Constructors
SecretStringGenerator() |
Properties
ExcludeCharacters | A string that includes characters that shouldn't be included in the generated password. |
ExcludeLowercase | Specifies that the generated password shouldn't include lowercase letters. |
ExcludeNumbers | Specifies that the generated password shouldn't include digits. |
ExcludePunctuation | Specifies that the generated password shouldn't include punctuation characters. |
ExcludeUppercase | Specifies that the generated password shouldn't include uppercase letters. |
GenerateStringKey | The JSON key name that's used to add the generated password to the JSON structure specified by the |
IncludeSpace | Specifies that the generated password can include the space character. |
PasswordLength | The desired length of the generated password. |
RequireEachIncludedType | Specifies whether the generated password must include at least one of every allowed character type. |
SecretStringTemplate | A properly structured JSON string that the generated password can be added to. |
Constructors
SecretStringGenerator()
public SecretStringGenerator()
Properties
ExcludeCharacters
A string that includes characters that shouldn't be included in the generated password.
public string ExcludeCharacters { get; set; }
Property Value
System.String
Remarks
The string can be a minimum
of 0
and a maximum of 4096
characters long.
Default: no exclusions
ExcludeLowercase
Specifies that the generated password shouldn't include lowercase letters.
public Nullable<bool> ExcludeLowercase { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: false
ExcludeNumbers
Specifies that the generated password shouldn't include digits.
public Nullable<bool> ExcludeNumbers { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: false
ExcludePunctuation
Specifies that the generated password shouldn't include punctuation characters.
public Nullable<bool> ExcludePunctuation { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: false
ExcludeUppercase
Specifies that the generated password shouldn't include uppercase letters.
public Nullable<bool> ExcludeUppercase { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: false
GenerateStringKey
The JSON key name that's used to add the generated password to the JSON structure specified by the secretStringTemplate
parameter.
public string GenerateStringKey { get; set; }
Property Value
System.String
Remarks
If you specify generateStringKey
then secretStringTemplate
must be also be specified.
IncludeSpace
Specifies that the generated password can include the space character.
public Nullable<bool> IncludeSpace { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: false
PasswordLength
The desired length of the generated password.
public Nullable<double> PasswordLength { get; set; }
Property Value
System.Nullable<System.Double>
Remarks
Default: 32
RequireEachIncludedType
Specifies whether the generated password must include at least one of every allowed character type.
public Nullable<bool> RequireEachIncludedType { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: true
SecretStringTemplate
A properly structured JSON string that the generated password can be added to.
public string SecretStringTemplate { get; set; }
Property Value
System.String
Remarks
The generateStringKey
is
combined with the generated random string and inserted into the JSON structure that's specified by this parameter.
The merged JSON string is returned as the completed SecretString of the secret. If you specify secretStringTemplate
then generateStringKey
must be also be specified.