Class DatabaseSecretProps
Construction properties for a DatabaseSecret.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.RDS
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class DatabaseSecretProps : Object, IDatabaseSecretProps
Syntax (vb)
Public Class DatabaseSecretProps
Inherits Object
Implements IDatabaseSecretProps
Remarks
ExampleMetadata: infused
Examples
// Build a data source for AppSync to access the database.
GraphqlApi api;
// Create username and password secret for DB Cluster
var secret = new DatabaseSecret(this, "AuroraSecret", new DatabaseSecretProps {
Username = "clusteradmin"
});
// The VPC to place the cluster in
var vpc = new Vpc(this, "AuroraVpc");
// Create the serverless cluster, provide all values needed to customise the database.
var cluster = new ServerlessCluster(this, "AuroraCluster", new ServerlessClusterProps {
Engine = DatabaseClusterEngine.AURORA_MYSQL,
Vpc = vpc,
Credentials = new Dictionary<string, string> { { "username", "clusteradmin" } },
ClusterIdentifier = "db-endpoint-test",
DefaultDatabaseName = "demos"
});
var rdsDS = api.AddRdsDataSource("rds", cluster, secret, "demos");
// Set up a resolver for an RDS query.
rdsDS.CreateResolver("QueryGetDemosRdsResolver", new BaseResolverProps {
TypeName = "Query",
FieldName = "getDemosRds",
RequestMappingTemplate = MappingTemplate.FromString(@"
{
""version"": ""2018-05-29"",
""statements"": [
""SELECT * FROM demos""
]
}
"),
ResponseMappingTemplate = MappingTemplate.FromString(@"
$utils.toJson($utils.rds.toJsonObject($ctx.result)[0])
")
});
// Set up a resolver for an RDS mutation.
rdsDS.CreateResolver("MutationAddDemoRdsResolver", new BaseResolverProps {
TypeName = "Mutation",
FieldName = "addDemoRds",
RequestMappingTemplate = MappingTemplate.FromString(@"
{
""version"": ""2018-05-29"",
""statements"": [
""INSERT INTO demos VALUES (:id, :version)"",
""SELECT * WHERE id = :id""
],
""variableMap"": {
"":id"": $util.toJson($util.autoId()),
"":version"": $util.toJson($ctx.args.version)
}
}
"),
ResponseMappingTemplate = MappingTemplate.FromString(@"
$utils.toJson($utils.rds.toJsonObject($ctx.result)[1][0])
")
});
Synopsis
Constructors
DatabaseSecretProps() |
Properties
Dbname | The database name, if not using the default one. |
EncryptionKey | The KMS key to use to encrypt the secret. |
ExcludeCharacters | |
MasterSecret | The master secret which will be used to rotate this secret. |
ReplaceOnPasswordCriteriaChanges | Whether to replace this secret when the criteria for the password change. |
ReplicaRegions | A list of regions where to replicate this secret. |
SecretName | A name for the secret. |
Username | The username. |
Constructors
DatabaseSecretProps()
public DatabaseSecretProps()
Properties
Dbname
The database name, if not using the default one.
public string Dbname { get; set; }
Property Value
System.String
Remarks
Default: - whatever the secret generates after the attach method is run
EncryptionKey
The KMS key to use to encrypt the secret.
public IKey EncryptionKey { get; set; }
Property Value
Remarks
Default: default master key
ExcludeCharacters
public string ExcludeCharacters { get; set; }
Property Value
System.String
MasterSecret
The master secret which will be used to rotate this secret.
public ISecret MasterSecret { get; set; }
Property Value
Remarks
Default: - no master secret information will be included
ReplaceOnPasswordCriteriaChanges
Whether to replace this secret when the criteria for the password change.
public Nullable<bool> ReplaceOnPasswordCriteriaChanges { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
This is achieved by overriding the logical id of the AWS::SecretsManager::Secret with a hash of the options that influence the password generation. This way a new secret will be created when the password is regenerated and the cluster or instance consuming this secret will have its credentials updated.
Default: false
ReplicaRegions
A list of regions where to replicate this secret.
public IReplicaRegion[] ReplicaRegions { get; set; }
Property Value
Remarks
Default: - Secret is not replicated
SecretName
A name for the secret.
public string SecretName { get; set; }
Property Value
System.String
Remarks
Default: - A name is generated by CloudFormation.
Username
The username.
public string Username { get; set; }
Property Value
System.String