CommonRotationUserOptions

class aws_cdk.aws_rds.CommonRotationUserOptions(*, automatically_after=None, endpoint=None, exclude_characters=None, vpc_subnets=None)

Bases: object

Properties common to single-user and multi-user rotation options.

Parameters

  • automatically_after (Optional[Duration]) – Specifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation. Default: - 30 days

  • endpoint (Optional[IInterfaceVpcEndpoint]) – The VPC interface endpoint to use for the Secrets Manager API. If you enable private DNS hostnames for your VPC private endpoint (the default), you don’t need to specify an endpoint. The standard Secrets Manager DNS hostname the Secrets Manager CLI and SDKs use by default (https://secretsmanager..amazonaws.com) automatically resolves to your VPC endpoint. Default: https://secretsmanager..amazonaws.com

  • exclude_characters (Optional[str]) – Specifies characters to not include in generated passwords. Default: ” %+~`#$&*()|[]{}:;<>?!’/

  • vpc_subnets (Optional[SubnetSelection]) – Where to place the rotation Lambda function. Default: - same placement as instance or cluster

ExampleMetadata

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_ec2 as ec2
import aws_cdk.aws_rds as rds
import aws_cdk.core as cdk

# interface_vpc_endpoint: ec2.InterfaceVpcEndpoint
# subnet: ec2.Subnet
# subnet_filter: ec2.SubnetFilter

common_rotation_user_options = rds.CommonRotationUserOptions(
    automatically_after=cdk.Duration.minutes(30),
    endpoint=interface_vpc_endpoint,
    exclude_characters="excludeCharacters",
    vpc_subnets=ec2.SubnetSelection(
        availability_zones=["availabilityZones"],
        one_per_az=False,
        subnet_filters=[subnet_filter],
        subnet_group_name="subnetGroupName",
        subnet_name="subnetName",
        subnets=[subnet],
        subnet_type=ec2.SubnetType.ISOLATED
    )
)

Attributes

automatically_after

Specifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation.

Default

  • 30 days

Return type

Optional[Duration]

endpoint

The VPC interface endpoint to use for the Secrets Manager API.

If you enable private DNS hostnames for your VPC private endpoint (the default), you don’t need to specify an endpoint. The standard Secrets Manager DNS hostname the Secrets Manager CLI and SDKs use by default (https://secretsmanager..amazonaws.com) automatically resolves to your VPC endpoint.

Default

https://secretsmanager..amazonaws.com

Return type

Optional[IInterfaceVpcEndpoint]

exclude_characters

Specifies characters to not include in generated passwords.

Default

” %+~`#$&*()|[]{}:;<>?!’/

:: “"

Return type

Optional[str]

vpc_subnets

Where to place the rotation Lambda function.

Default

  • same placement as instance or cluster

Return type

Optional[SubnetSelection]