Package software.amazon.awscdk.services.rds

Class Credentials

java.lang.Object
software.amazon.jsii.JsiiObject
software.amazon.awscdk.services.rds.Credentials
All Implemented Interfaces:
software.amazon.jsii.JsiiSerializable
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:30:49.084Z") @Stability(Stable) public abstract class Credentials extends software.amazon.jsii.JsiiObject
Username and password combination.

Example: 

 // Build a data source for AppSync to access the database.
 GraphqlApi api;
 // Create username and password secret for DB Cluster
 DatabaseSecret secret = DatabaseSecret.Builder.create(this, "AuroraSecret")
         .username("clusteradmin")
         .build();
 // The VPC to place the cluster in
 Vpc vpc = new Vpc(this, "AuroraVpc");
 // Create the serverless cluster, provide all values needed to customise the database.
 ServerlessCluster cluster = ServerlessCluster.Builder.create(this, "AuroraCluster")
         .engine(DatabaseClusterEngine.AURORA_MYSQL)
         .vpc(vpc)
         .credentials(Map.of("username", "clusteradmin"))
         .clusterIdentifier("db-endpoint-test")
         .defaultDatabaseName("demos")
         .build();
 RdsDataSource rdsDS = api.addRdsDataSource("rds", cluster, secret, "demos");
 // Set up a resolver for an RDS query.
 rdsDS.createResolver(BaseResolverProps.builder()
         .typeName("Query")
         .fieldName("getDemosRds")
         .requestMappingTemplate(MappingTemplate.fromString("\n  {\n    \"version\": \"2018-05-29\",\n    \"statements\": [\n      \"SELECT * FROM demos\"\n    ]\n  }\n  "))
         .responseMappingTemplate(MappingTemplate.fromString("\n    $utils.toJson($utils.rds.toJsonObject($ctx.result)[0])\n  "))
         .build());
 // Set up a resolver for an RDS mutation.
 rdsDS.createResolver(BaseResolverProps.builder()
         .typeName("Mutation")
         .fieldName("addDemoRds")
         .requestMappingTemplate(MappingTemplate.fromString("\n  {\n    \"version\": \"2018-05-29\",\n    \"statements\": [\n      \"INSERT INTO demos VALUES (:id, :version)\",\n      \"SELECT * WHERE id = :id\"\n    ],\n    \"variableMap\": {\n      \":id\": $util.toJson($util.autoId()),\n      \":version\": $util.toJson($ctx.args.version)\n    }\n  }\n  "))
         .responseMappingTemplate(MappingTemplate.fromString("\n    $utils.toJson($utils.rds.toJsonObject($ctx.result)[1][0])\n  "))
         .build());

  • Constructor Details

    • Credentials

      protected Credentials(software.amazon.jsii.JsiiObjectRef objRef)

    • Credentials

      protected Credentials(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • Credentials

      @Stability(Stable) protected Credentials()

  • Method Details

    • fromGeneratedSecret

      @Stability(Stable) @NotNull public static Credentials fromGeneratedSecret(@NotNull String username, @Nullable CredentialsBaseOptions options)
      Creates Credentials with a password generated and stored in Secrets Manager.

      Parameters:
      username - This parameter is required.
      options -

    • fromGeneratedSecret

      @Stability(Stable) @NotNull public static Credentials fromGeneratedSecret(@NotNull String username)
      Creates Credentials with a password generated and stored in Secrets Manager.

      Parameters:
      username - This parameter is required.

    • fromPassword

      @Stability(Stable) @NotNull public static Credentials fromPassword(@NotNull String username, @NotNull SecretValue password)
      Creates Credentials from a password.

      Do not put passwords in your CDK code directly.

      Parameters:
      username - This parameter is required.
      password - This parameter is required.

    • fromSecret

      @Stability(Stable) @NotNull public static Credentials fromSecret(@NotNull ISecret secret, @Nullable String username)
      Creates Credentials from an existing Secrets Manager Secret (or DatabaseSecret).

      The Secret must be a JSON string with a username and password field: 

       {
    ...
    "username": <required: username>,
    "password": <required: password>,
 }

      Parameters:
      secret - The secret where the credentials are stored. This parameter is required.
      username - The username defined in the secret.

    • fromSecret

      @Stability(Stable) @NotNull public static Credentials fromSecret(@NotNull ISecret secret)
      Creates Credentials from an existing Secrets Manager Secret (or DatabaseSecret).

      The Secret must be a JSON string with a username and password field: 

       {
    ...
    "username": <required: username>,
    "password": <required: password>,
 }

      Parameters:
      secret - The secret where the credentials are stored. This parameter is required.

    • fromUsername

      @Stability(Stable) @NotNull public static Credentials fromUsername(@NotNull String username, @Nullable CredentialsFromUsernameOptions options)
      Creates Credentials for the given username, and optional password and key.

      If no password is provided, one will be generated and stored in Secrets Manager.

      Parameters:
      username - This parameter is required.
      options -

    • fromUsername

      @Stability(Stable) @NotNull public static Credentials fromUsername(@NotNull String username)
      Creates Credentials for the given username, and optional password and key.

      If no password is provided, one will be generated and stored in Secrets Manager.

      Parameters:
      username - This parameter is required.

    • getUsername

      @Stability(Stable) @NotNull public abstract String getUsername()
      Username.

    • getEncryptionKey

      @Stability(Stable) @Nullable public abstract IKey getEncryptionKey()
      KMS encryption key to encrypt the generated secret.

      Default: - default master key

    • getExcludeCharacters

      @Stability(Stable) @Nullable public abstract String getExcludeCharacters()
      The characters to exclude from the generated password.

      Only used if

      invalid @link 
      password
      has not been set.

      Default: - the DatabaseSecret default exclude character set (" %+~`#$invalid input: '&'*()|[]{}:;invalid input: '<'>?!'/

    • getPassword

      @Stability(Stable) @Nullable public abstract SecretValue getPassword()
      Password.

      Do not put passwords in your CDK code directly.

      Default: - a Secrets Manager generated password

    • getReplicaRegions

      @Stability(Stable) @Nullable public abstract List<ReplicaRegion> getReplicaRegions()
      A list of regions where to replicate the generated secret.

      Default: - Secret is not replicated

    • getSecret

      @Stability(Stable) @Nullable public abstract ISecret getSecret()
      Secret used to instantiate this Login.

      Default: - none

    • getSecretName

      @Stability(Stable) @Nullable public abstract String getSecretName()
      The name to use for the Secret if a new Secret is to be generated in SecretsManager for these Credentials.

      Default: - A name is generated by CloudFormation.

    • getUsernameAsString

      @Stability(Stable) @Nullable public abstract Boolean getUsernameAsString()
      Whether the username should be referenced as a string and not as a dynamic reference to the username in the secret.

      Default: false