Class DatabaseSecretProps

Construction properties for a DatabaseSecret.

Inheritance

System.Object

DatabaseSecretProps

Implements

IDatabaseSecretProps

Namespace: Amazon.CDK.AWS.RDS

Assembly: Amazon.CDK.AWS.RDS.dll

Syntax (csharp)

public class DatabaseSecretProps : Object, IDatabaseSecretProps

Syntax (vb)

Public Class DatabaseSecretProps
    Inherits Object
    Implements IDatabaseSecretProps

Remarks

ExampleMetadata: infused

Examples

DatabaseInstance instance;

var myUserSecret = new DatabaseSecret(this, "MyUserSecret", new DatabaseSecretProps {
    Username = "myuser",
    SecretName = "my-user-secret",  // optional, defaults to a CloudFormation-generated name
    MasterSecret = instance.Secret,
    ExcludeCharacters = "{}[]()'\"/\\"
});
var myUserSecretAttached = myUserSecret.Attach(instance); // Adds DB connections information in the secret

instance.AddRotationMultiUser("MyUser", new RotationMultiUserOptions {  // Add rotation using the multi user scheme
    Secret = myUserSecretAttached });

Synopsis

Constructors

DatabaseSecretProps()

Properties

EncryptionKey	The KMS key to use to encrypt the secret.
ExcludeCharacters
MasterSecret	The master secret which will be used to rotate this secret.
ReplaceOnPasswordCriteriaChanges	Whether to replace this secret when the criteria for the password change.
ReplicaRegions	A list of regions where to replicate this secret.
SecretName	A name for the secret.
Username	The username.

Constructors

DatabaseSecretProps()

public DatabaseSecretProps()

Properties

EncryptionKey

The KMS key to use to encrypt the secret.

public IKey EncryptionKey { get; set; }

Property Value

IKey

Remarks

Default: default master key

ExcludeCharacters

public string ExcludeCharacters { get; set; }

Property Value

System.String

MasterSecret

The master secret which will be used to rotate this secret.

public ISecret MasterSecret { get; set; }

Property Value

ISecret

Remarks

Default: - no master secret information will be included

ReplaceOnPasswordCriteriaChanges

Whether to replace this secret when the criteria for the password change.

public Nullable<bool> ReplaceOnPasswordCriteriaChanges { get; set; }

Property Value

System.Nullable<System.Boolean>

Remarks

This is achieved by overriding the logical id of the AWS::SecretsManager::Secret with a hash of the options that influence the password generation. This way a new secret will be created when the password is regenerated and the cluster or instance consuming this secret will have its credentials updated.

Default: false

ReplicaRegions

A list of regions where to replicate this secret.

public IReplicaRegion[] ReplicaRegions { get; set; }

Property Value

IReplicaRegion[]

Remarks

Default: - Secret is not replicated

SecretName

A name for the secret.

public string SecretName { get; set; }

Property Value

System.String

Remarks

Default: - A name is generated by CloudFormation.

Username

The username.

public string Username { get; set; }

Property Value

System.String

Implements

IDatabaseSecretProps