Class Credentials
Username and password combination.
Namespace: Amazon.CDK.AWS.RDS
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public abstract class Credentials : DeputyBaseSyntax (vb)
Public MustInherit Class Credentials Inherits DeputyBaseRemarks
ExampleMetadata: infused
Examples
// Build a data source for AppSync to access the database.
GraphqlApi api;
// Create username and password secret for DB Cluster
var secret = new DatabaseSecret(this, "AuroraSecret", new DatabaseSecretProps {
Username = "clusteradmin"
});
// The VPC to place the cluster in
var vpc = new Vpc(this, "AuroraVpc");
// Create the serverless cluster, provide all values needed to customise the database.
var cluster = new DatabaseCluster(this, "AuroraClusterV2", new DatabaseClusterProps {
Engine = DatabaseClusterEngine.AuroraPostgres(new AuroraPostgresClusterEngineProps { Version = AuroraPostgresEngineVersion.VER_15_5 }),
Credentials = new Dictionary<string, string> { { "username", "clusteradmin" } },
ClusterIdentifier = "db-endpoint-test",
Writer = ClusterInstance.ServerlessV2("writer"),
ServerlessV2MinCapacity = 2,
ServerlessV2MaxCapacity = 10,
Vpc = vpc,
DefaultDatabaseName = "demos",
EnableDataApi = true
});
var rdsDS = api.AddRdsDataSourceV2("rds", cluster, secret, "demos");
// Set up a resolver for an RDS query.
rdsDS.CreateResolver("QueryGetDemosRdsResolver", new BaseResolverProps {
TypeName = "Query",
FieldName = "getDemosRds",
RequestMappingTemplate = MappingTemplate.FromString(@"
{
""version"": ""2018-05-29"",
""statements"": [
""SELECT * FROM demos""
]
}
"),
ResponseMappingTemplate = MappingTemplate.FromString(@"
$utils.toJson($utils.rds.toJsonObject($ctx.result)[0])
")
});
// Set up a resolver for an RDS mutation.
rdsDS.CreateResolver("MutationAddDemoRdsResolver", new BaseResolverProps {
TypeName = "Mutation",
FieldName = "addDemoRds",
RequestMappingTemplate = MappingTemplate.FromString(@"
{
""version"": ""2018-05-29"",
""statements"": [
""INSERT INTO demos VALUES (:id, :version)"",
""SELECT * WHERE id = :id""
],
""variableMap"": {
"":id"": $util.toJson($util.autoId()),
"":version"": $util.toJson($ctx.args.version)
}
}
"),
ResponseMappingTemplate = MappingTemplate.FromString(@"
$utils.toJson($utils.rds.toJsonObject($ctx.result)[1][0])
")
});Synopsis
Constructors
| Credentials() | Username and password combination. |
Properties
| EncryptionKey | KMS encryption key to encrypt the generated secret. |
| ExcludeCharacters | Username and password combination. |
| Password | Password. |
| ReplicaRegions | A list of regions where to replicate the generated secret. |
| Secret | Secret used to instantiate this Login. |
| SecretName | The name to use for the Secret if a new Secret is to be generated in SecretsManager for these Credentials. |
| Username | Username. |
| UsernameAsString | Whether the username should be referenced as a string and not as a dynamic reference to the username in the secret. |
Methods
| FromGeneratedSecret(string, ICredentialsBaseOptions?) | Creates Credentials with a password generated and stored in Secrets Manager. |
| FromPassword(string, SecretValue) | Creates Credentials from a password. |
| FromSecret(ISecret, string?) | Creates Credentials from an existing Secrets Manager |
| FromUsername(string, ICredentialsFromUsernameOptions?) | Creates Credentials for the given username, and optional password and key. |
Constructors
Credentials()
Username and password combination.
protected Credentials()Remarks
ExampleMetadata: infused
Examples
// Build a data source for AppSync to access the database.
GraphqlApi api;
// Create username and password secret for DB Cluster
var secret = new DatabaseSecret(this, "AuroraSecret", new DatabaseSecretProps {
Username = "clusteradmin"
});
// The VPC to place the cluster in
var vpc = new Vpc(this, "AuroraVpc");
// Create the serverless cluster, provide all values needed to customise the database.
var cluster = new DatabaseCluster(this, "AuroraClusterV2", new DatabaseClusterProps {
Engine = DatabaseClusterEngine.AuroraPostgres(new AuroraPostgresClusterEngineProps { Version = AuroraPostgresEngineVersion.VER_15_5 }),
Credentials = new Dictionary<string, string> { { "username", "clusteradmin" } },
ClusterIdentifier = "db-endpoint-test",
Writer = ClusterInstance.ServerlessV2("writer"),
ServerlessV2MinCapacity = 2,
ServerlessV2MaxCapacity = 10,
Vpc = vpc,
DefaultDatabaseName = "demos",
EnableDataApi = true
});
var rdsDS = api.AddRdsDataSourceV2("rds", cluster, secret, "demos");
// Set up a resolver for an RDS query.
rdsDS.CreateResolver("QueryGetDemosRdsResolver", new BaseResolverProps {
TypeName = "Query",
FieldName = "getDemosRds",
RequestMappingTemplate = MappingTemplate.FromString(@"
{
""version"": ""2018-05-29"",
""statements"": [
""SELECT * FROM demos""
]
}
"),
ResponseMappingTemplate = MappingTemplate.FromString(@"
$utils.toJson($utils.rds.toJsonObject($ctx.result)[0])
")
});
// Set up a resolver for an RDS mutation.
rdsDS.CreateResolver("MutationAddDemoRdsResolver", new BaseResolverProps {
TypeName = "Mutation",
FieldName = "addDemoRds",
RequestMappingTemplate = MappingTemplate.FromString(@"
{
""version"": ""2018-05-29"",
""statements"": [
""INSERT INTO demos VALUES (:id, :version)"",
""SELECT * WHERE id = :id""
],
""variableMap"": {
"":id"": $util.toJson($util.autoId()),
"":version"": $util.toJson($ctx.args.version)
}
}
"),
ResponseMappingTemplate = MappingTemplate.FromString(@"
$utils.toJson($utils.rds.toJsonObject($ctx.result)[1][0])
")
});Properties
EncryptionKey
KMS encryption key to encrypt the generated secret.
public abstract IKey? EncryptionKey { get; }Property Value
Remarks
Default: - default master key
ExcludeCharacters
Username and password combination.
public abstract string? ExcludeCharacters { get; }Property Value
Remarks
ExampleMetadata: infused
Examples
// Build a data source for AppSync to access the database.
GraphqlApi api;
// Create username and password secret for DB Cluster
var secret = new DatabaseSecret(this, "AuroraSecret", new DatabaseSecretProps {
Username = "clusteradmin"
});
// The VPC to place the cluster in
var vpc = new Vpc(this, "AuroraVpc");
// Create the serverless cluster, provide all values needed to customise the database.
var cluster = new DatabaseCluster(this, "AuroraClusterV2", new DatabaseClusterProps {
Engine = DatabaseClusterEngine.AuroraPostgres(new AuroraPostgresClusterEngineProps { Version = AuroraPostgresEngineVersion.VER_15_5 }),
Credentials = new Dictionary<string, string> { { "username", "clusteradmin" } },
ClusterIdentifier = "db-endpoint-test",
Writer = ClusterInstance.ServerlessV2("writer"),
ServerlessV2MinCapacity = 2,
ServerlessV2MaxCapacity = 10,
Vpc = vpc,
DefaultDatabaseName = "demos",
EnableDataApi = true
});
var rdsDS = api.AddRdsDataSourceV2("rds", cluster, secret, "demos");
// Set up a resolver for an RDS query.
rdsDS.CreateResolver("QueryGetDemosRdsResolver", new BaseResolverProps {
TypeName = "Query",
FieldName = "getDemosRds",
RequestMappingTemplate = MappingTemplate.FromString(@"
{
""version"": ""2018-05-29"",
""statements"": [
""SELECT * FROM demos""
]
}
"),
ResponseMappingTemplate = MappingTemplate.FromString(@"
$utils.toJson($utils.rds.toJsonObject($ctx.result)[0])
")
});
// Set up a resolver for an RDS mutation.
rdsDS.CreateResolver("MutationAddDemoRdsResolver", new BaseResolverProps {
TypeName = "Mutation",
FieldName = "addDemoRds",
RequestMappingTemplate = MappingTemplate.FromString(@"
{
""version"": ""2018-05-29"",
""statements"": [
""INSERT INTO demos VALUES (:id, :version)"",
""SELECT * WHERE id = :id""
],
""variableMap"": {
"":id"": $util.toJson($util.autoId()),
"":version"": $util.toJson($ctx.args.version)
}
}
"),
ResponseMappingTemplate = MappingTemplate.FromString(@"
$utils.toJson($utils.rds.toJsonObject($ctx.result)[1][0])
")
});Password
Password.
public abstract SecretValue? Password { get; }Property Value
Remarks
Do not put passwords in your CDK code directly.
Default: - a Secrets Manager generated password
ReplicaRegions
A list of regions where to replicate the generated secret.
public abstract IReplicaRegion[]? ReplicaRegions { get; }Property Value
Remarks
Default: - Secret is not replicated
Secret
Secret used to instantiate this Login.
public abstract ISecret? Secret { get; }Property Value
Remarks
Default: - none
SecretName
The name to use for the Secret if a new Secret is to be generated in SecretsManager for these Credentials.
public abstract string? SecretName { get; }Property Value
Remarks
Default: - A name is generated by CloudFormation.
Username
Username.
public abstract string Username { get; }Property Value
Remarks
ExampleMetadata: infused
UsernameAsString
Whether the username should be referenced as a string and not as a dynamic reference to the username in the secret.
public abstract bool? UsernameAsString { get; }Property Value
bool?
Remarks
Default: false
Methods
FromGeneratedSecret(string, ICredentialsBaseOptions?)
Creates Credentials with a password generated and stored in Secrets Manager.
public static Credentials FromGeneratedSecret(string username, ICredentialsBaseOptions? options = null)Parameters
- username string
- options ICredentialsBaseOptions
Returns
Remarks
ExampleMetadata: infused
FromPassword(string, SecretValue)
Creates Credentials from a password.
public static Credentials FromPassword(string username, SecretValue password)Parameters
- username string
- password SecretValue
Returns
Remarks
Do not put passwords in your CDK code directly.
FromSecret(ISecret, string?)
Creates Credentials from an existing Secrets Manager Secret (or DatabaseSecret).
public static Credentials FromSecret(ISecret secret, string? username = null)Parameters
- secret ISecret
The secret where the credentials are stored.
- username string
The username defined in the secret.
Returns
Remarks
The Secret must be a JSON string with a username and password field:
{
...
"username": <required: username>,
"password": <required: password>,
}FromUsername(string, ICredentialsFromUsernameOptions?)
Creates Credentials for the given username, and optional password and key.
public static Credentials FromUsername(string username, ICredentialsFromUsernameOptions? options = null)Parameters
- username string
- options ICredentialsFromUsernameOptions
Returns
Remarks
If no password is provided, one will be generated and stored in Secrets Manager.