Class DatabaseSecretProps
Construction properties for a DatabaseSecret.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.RDS
Assembly: Amazon.CDK.AWS.RDS.dll
Syntax (csharp)
public class DatabaseSecretProps : Object, IDatabaseSecretProps
Syntax (vb)
Public Class DatabaseSecretProps
Inherits Object
Implements IDatabaseSecretProps
Remarks
ExampleMetadata: infused
Examples
DatabaseInstance instance;
var myUserSecret = new DatabaseSecret(this, "MyUserSecret", new DatabaseSecretProps {
Username = "myuser",
SecretName = "my-user-secret", // optional, defaults to a CloudFormation-generated name
MasterSecret = instance.Secret,
ExcludeCharacters = "{}[]()'\"/\\"
});
var myUserSecretAttached = myUserSecret.Attach(instance); // Adds DB connections information in the secret
instance.AddRotationMultiUser("MyUser", new RotationMultiUserOptions { // Add rotation using the multi user scheme
Secret = myUserSecretAttached });
Synopsis
Constructors
DatabaseSecretProps() |
Properties
EncryptionKey | The KMS key to use to encrypt the secret. |
ExcludeCharacters | |
MasterSecret | The master secret which will be used to rotate this secret. |
ReplaceOnPasswordCriteriaChanges | Whether to replace this secret when the criteria for the password change. |
ReplicaRegions | A list of regions where to replicate this secret. |
SecretName | A name for the secret. |
Username | The username. |
Constructors
DatabaseSecretProps()
public DatabaseSecretProps()
Properties
EncryptionKey
The KMS key to use to encrypt the secret.
public IKey EncryptionKey { get; set; }
Property Value
Remarks
Default: default master key
ExcludeCharacters
public string ExcludeCharacters { get; set; }
Property Value
System.String
MasterSecret
The master secret which will be used to rotate this secret.
public ISecret MasterSecret { get; set; }
Property Value
Remarks
Default: - no master secret information will be included
ReplaceOnPasswordCriteriaChanges
Whether to replace this secret when the criteria for the password change.
public Nullable<bool> ReplaceOnPasswordCriteriaChanges { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
This is achieved by overriding the logical id of the AWS::SecretsManager::Secret with a hash of the options that influence the password generation. This way a new secret will be created when the password is regenerated and the cluster or instance consuming this secret will have its credentials updated.
Default: false
ReplicaRegions
A list of regions where to replicate this secret.
public IReplicaRegion[] ReplicaRegions { get; set; }
Property Value
Remarks
Default: - Secret is not replicated
SecretName
A name for the secret.
public string SecretName { get; set; }
Property Value
System.String
Remarks
Default: - A name is generated by CloudFormation.
Username
The username.
public string Username { get; set; }
Property Value
System.String