Class SnapshotCredentials
- All Implemented Interfaces:
software.amazon.jsii.JsiiSerializable
DatabaseInstanceFromSnapshot
.
Example:
Vpc vpc; IInstanceEngine engine = DatabaseInstanceEngine.postgres(PostgresInstanceEngineProps.builder().version(PostgresEngineVersion.VER_16_3).build()); Key myKey = new Key(this, "MyKey"); DatabaseInstanceFromSnapshot.Builder.create(this, "InstanceFromSnapshotWithCustomizedSecret") .engine(engine) .vpc(vpc) .snapshotIdentifier("mySnapshot") .credentials(SnapshotCredentials.fromGeneratedSecret("username", SnapshotCredentialsFromGeneratedPasswordOptions.builder() .encryptionKey(myKey) .excludeCharacters("!&*^#@()") .replicaRegions(List.of(ReplicaRegion.builder().region("eu-west-1").build(), ReplicaRegion.builder().region("eu-west-2").build())) .build())) .build();
-
Nested Class Summary
Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationMode
-
Constructor Summary
ModifierConstructorDescriptionprotected
protected
SnapshotCredentials
(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protected
SnapshotCredentials
(software.amazon.jsii.JsiiObjectRef objRef) -
Method Summary
Modifier and TypeMethodDescriptionstatic SnapshotCredentials
fromGeneratedPassword
(String username) Generate a new password for the snapshot, using the existing username and an optional encryption key.static SnapshotCredentials
fromGeneratedPassword
(String username, SnapshotCredentialsFromGeneratedPasswordOptions options) Generate a new password for the snapshot, using the existing username and an optional encryption key.static SnapshotCredentials
fromGeneratedSecret
(String username) Generate a new password for the snapshot, using the existing username and an optional encryption key.static SnapshotCredentials
fromGeneratedSecret
(String username, SnapshotCredentialsFromGeneratedPasswordOptions options) Generate a new password for the snapshot, using the existing username and an optional encryption key.static SnapshotCredentials
fromPassword
(SecretValue password) Update the snapshot login with an existing password.static SnapshotCredentials
fromSecret
(ISecret secret) Update the snapshot login with an existing password from a Secret.abstract IKey
KMS encryption key to encrypt the generated secret.abstract String
The characters to exclude from the generated password.abstract Boolean
Whether a new password should be generated.abstract SecretValue
The master user password.abstract Boolean
Whether to replace the generated secret when the criteria for the password change.abstract List<ReplicaRegion>
A list of regions where to replicate the generated secret.abstract ISecret
Secret used to instantiate this Login.abstract String
The master user name.Methods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Constructor Details
-
SnapshotCredentials
protected SnapshotCredentials(software.amazon.jsii.JsiiObjectRef objRef) -
SnapshotCredentials
protected SnapshotCredentials(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
SnapshotCredentials
@Stability(Stable) protected SnapshotCredentials()
-
-
Method Details
-
fromGeneratedPassword
@Stability(Stable) @NotNull public static SnapshotCredentials fromGeneratedPassword(@NotNull String username, @Nullable SnapshotCredentialsFromGeneratedPasswordOptions options) Generate a new password for the snapshot, using the existing username and an optional encryption key.Note - The username must match the existing master username of the snapshot.
NOTE: use
fromGeneratedSecret()
for new Clusters and Instances. Switching fromfromGeneratedPassword()
tofromGeneratedSecret()
for already deployed Clusters or Instances will update their master password.- Parameters:
username
- This parameter is required.options
-
-
fromGeneratedPassword
@Stability(Stable) @NotNull public static SnapshotCredentials fromGeneratedPassword(@NotNull String username) Generate a new password for the snapshot, using the existing username and an optional encryption key.Note - The username must match the existing master username of the snapshot.
NOTE: use
fromGeneratedSecret()
for new Clusters and Instances. Switching fromfromGeneratedPassword()
tofromGeneratedSecret()
for already deployed Clusters or Instances will update their master password.- Parameters:
username
- This parameter is required.
-
fromGeneratedSecret
@Stability(Stable) @NotNull public static SnapshotCredentials fromGeneratedSecret(@NotNull String username, @Nullable SnapshotCredentialsFromGeneratedPasswordOptions options) Generate a new password for the snapshot, using the existing username and an optional encryption key.The new credentials are stored in Secrets Manager.
Note - The username must match the existing master username of the snapshot.
- Parameters:
username
- This parameter is required.options
-
-
fromGeneratedSecret
@Stability(Stable) @NotNull public static SnapshotCredentials fromGeneratedSecret(@NotNull String username) Generate a new password for the snapshot, using the existing username and an optional encryption key.The new credentials are stored in Secrets Manager.
Note - The username must match the existing master username of the snapshot.
- Parameters:
username
- This parameter is required.
-
fromPassword
@Stability(Stable) @NotNull public static SnapshotCredentials fromPassword(@NotNull SecretValue password) Update the snapshot login with an existing password.- Parameters:
password
- This parameter is required.
-
fromSecret
Update the snapshot login with an existing password from a Secret.The Secret must be a JSON string with a
password
field:{ ... "password": <required: password>, }
- Parameters:
secret
- This parameter is required.
-
getGeneratePassword
Whether a new password should be generated. -
getEncryptionKey
KMS encryption key to encrypt the generated secret.Default: - default master key
-
getExcludeCharacters
The characters to exclude from the generated password.Only used if
generatePassword
if true.Default: - the DatabaseSecret default exclude character set (" %+~`#$invalid input: '&'*()|[]{}:;invalid input: '<'>?!'/@\"\\")
-
getPassword
The master user password.Do not put passwords in your CDK code directly.
Default: - the existing password from the snapshot
-
getReplaceOnPasswordCriteriaChanges
Whether to replace the generated secret when the criteria for the password change.Default: false
-
getReplicaRegions
A list of regions where to replicate the generated secret.Default: - Secret is not replicated
-
getSecret
Secret used to instantiate this Login.Default: - none
-
getUsername
The master user name.Must be the current master user name of the snapshot. It is not possible to change the master user name of a RDS instance.
Default: - the existing username from the snapshot
-