Package software.amazon.awscdk.services.rds

Interface DatabaseSecretProps

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

DatabaseSecretProps.Jsii$Proxy

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
           date="2023-06-19T16:30:49.173Z")
@Stability(Stable)
public interface DatabaseSecretProps
extends software.amazon.jsii.JsiiSerializable

Construction properties for a DatabaseSecret.

Example:

 DatabaseInstance instance;
 DatabaseSecret myUserSecret = DatabaseSecret.Builder.create(this, "MyUserSecret")
         .username("myuser")
         .secretName("my-user-secret") // optional, defaults to a CloudFormation-generated name
         .masterSecret(instance.getSecret())
         .excludeCharacters("{}[]()'\"/\\")
         .build();
 ISecret myUserSecretAttached = myUserSecret.attach(instance); // Adds DB connections information in the secret
 instance.addRotationMultiUser("MyUser", RotationMultiUserOptions.builder() // Add rotation using the multi user scheme
         .secret(myUserSecretAttached).build());
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	DatabaseSecretProps.Builder	A builder for DatabaseSecretProps
static final class	DatabaseSecretProps.Jsii$Proxy	An implementation for DatabaseSecretProps

Method Summary

Modifier and Type	Method	Description
static DatabaseSecretProps.Builder	builder()
default IKey	getEncryptionKey()	The KMS key to use to encrypt the secret.
default String	getExcludeCharacters()	Characters to not include in the generated password.
default ISecret	getMasterSecret()	The master secret which will be used to rotate this secret.
default Boolean	getReplaceOnPasswordCriteriaChanges()	Whether to replace this secret when the criteria for the password change.
default List<ReplicaRegion>	getReplicaRegions()	A list of regions where to replicate this secret.
default String	getSecretName()	A name for the secret.
String	getUsername()	The username.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getUsername

@Stability(Stable)
@NotNull
String getUsername()

The username.

getEncryptionKey

@Stability(Stable)
@Nullable
default IKey getEncryptionKey()

The KMS key to use to encrypt the secret.

Default: default master key

getExcludeCharacters

@Stability(Stable)
@Nullable
default String getExcludeCharacters()

Characters to not include in the generated password.

Default: " %+~`#$invalid input: '&'*()|[]{}:;invalid input: '<'>?!'/

getMasterSecret

@Stability(Stable)
@Nullable
default ISecret getMasterSecret()

The master secret which will be used to rotate this secret.

Default: - no master secret information will be included

getReplaceOnPasswordCriteriaChanges

@Stability(Stable)
@Nullable
default Boolean getReplaceOnPasswordCriteriaChanges()

Whether to replace this secret when the criteria for the password change.

This is achieved by overriding the logical id of the AWS::SecretsManager::Secret with a hash of the options that influence the password generation. This way a new secret will be created when the password is regenerated and the cluster or instance consuming this secret will have its credentials updated.

Default: false

getReplicaRegions

@Stability(Stable)
@Nullable
default List<ReplicaRegion> getReplicaRegions()

A list of regions where to replicate this secret.

Default: - Secret is not replicated

getSecretName

@Stability(Stable)
@Nullable
default String getSecretName()

A name for the secret.

Default: - A name is generated by CloudFormation.

builder

@Stability(Stable)
static DatabaseSecretProps.Builder builder()

Returns:

a DatabaseSecretProps.Builder of DatabaseSecretProps