DatabaseSecretProps

class aws_cdk.aws_docdb.DatabaseSecretProps(*, username, encryption_key=None, exclude_characters=None, master_secret=None, secret_name=None)

Bases: object

Construction properties for a DatabaseSecret.

Parameters:

  • username (str) – The username.

  • encryption_key (Optional[IKey]) – The KMS key to use to encrypt the secret. Default: default master key

  • exclude_characters (Optional[str]) – Characters to not include in the generated password. Default: “”@/”

  • master_secret (Optional[ISecret]) – The master secret which will be used to rotate this secret. Default: - no master secret information will be included

  • secret_name (Optional[str]) – The physical name of the secret. Default: Secretsmanager will generate a physical name for the secret

ExampleMetadata:

infused

Example:

# cluster: docdb.DatabaseCluster

my_user_secret = docdb.DatabaseSecret(self, "MyUserSecret",
    username="myuser",
    master_secret=cluster.secret
)
my_user_secret_attached = my_user_secret.attach(cluster) # Adds DB connections information in the secret

cluster.add_rotation_multi_user("MyUser",  # Add rotation using the multi user scheme
    secret=my_user_secret_attached)

Attributes

encryption_key

The KMS key to use to encrypt the secret.

Default:

default master key

exclude_characters

Characters to not include in the generated password.

Default:

“”@/”

master_secret

The master secret which will be used to rotate this secret.

Default:

  • no master secret information will be included

secret_name

The physical name of the secret.

Default:

Secretsmanager will generate a physical name for the secret

username

The username.