Interface IDatabaseSecretProps
Construction properties for a DatabaseSecret.
Namespace: Amazon.CDK.AWS.RDS
Assembly: Amazon.CDK.AWS.RDS.dll
Syntax (csharp)
public interface IDatabaseSecretPropsSyntax (vb)
Public Interface IDatabaseSecretPropsRemarks
ExampleMetadata: infused
Examples
DatabaseInstance instance;
var myUserSecret = new DatabaseSecret(this, "MyUserSecret", new DatabaseSecretProps {
Username = "myuser",
SecretName = "my-user-secret", // optional, defaults to a CloudFormation-generated name
MasterSecret = instance.Secret,
ExcludeCharacters = "{}[]()'\"/\\"
});
var myUserSecretAttached = myUserSecret.Attach(instance); // Adds DB connections information in the secret
instance.AddRotationMultiUser("MyUser", new RotationMultiUserOptions { // Add rotation using the multi user scheme
Secret = myUserSecretAttached });Synopsis
Properties
| EncryptionKey | The KMS key to use to encrypt the secret. |
| ExcludeCharacters | |
| MasterSecret | The master secret which will be used to rotate this secret. |
| ReplaceOnPasswordCriteriaChanges | Whether to replace this secret when the criteria for the password change. |
| ReplicaRegions | A list of regions where to replicate this secret. |
| SecretName | A name for the secret. |
| Username | The username. |
Properties
EncryptionKey
The KMS key to use to encrypt the secret.
virtual IKey EncryptionKey { get; }Property Value
Remarks
Default: default master key
ExcludeCharacters
virtual string ExcludeCharacters { get; }Property Value
System.String
MasterSecret
The master secret which will be used to rotate this secret.
virtual ISecret MasterSecret { get; }Property Value
Remarks
Default: - no master secret information will be included
ReplaceOnPasswordCriteriaChanges
Whether to replace this secret when the criteria for the password change.
virtual Nullable<bool> ReplaceOnPasswordCriteriaChanges { get; }Property Value
System.Nullable<System.Boolean>
Remarks
This is achieved by overriding the logical id of the AWS::SecretsManager::Secret with a hash of the options that influence the password generation. This way a new secret will be created when the password is regenerated and the cluster or instance consuming this secret will have its credentials updated.
Default: false
ReplicaRegions
A list of regions where to replicate this secret.
virtual IReplicaRegion[] ReplicaRegions { get; }Property Value
Remarks
Default: - Secret is not replicated
SecretName
A name for the secret.
virtual string SecretName { get; }Property Value
System.String
Remarks
Default: - A name is generated by CloudFormation.
Username
The username.
string Username { get; }Property Value
System.String