MultiUserHostedRotationOptions

class aws_cdk.aws_secretsmanager.MultiUserHostedRotationOptions(*, exclude_characters=None, function_name=None, security_groups=None, vpc=None, vpc_subnets=None, master_secret)

Bases: SingleUserHostedRotationOptions

Multi user hosted rotation options.

Parameters:
  • exclude_characters (Optional[str]) – A string of the characters that you don’t want in the password. Default: the same exclude characters as the ones used for the secret or “ %+~`#$&*()|[]{}:;<>?!’/@”"

  • function_name (Optional[str]) – A name for the Lambda created to rotate the secret. Default: - a CloudFormation generated name

  • security_groups (Optional[Sequence[ISecurityGroup]]) – A list of security groups for the Lambda created to rotate the secret. Default: - a new security group is created

  • vpc (Optional[IVpc]) – The VPC where the Lambda rotation function will run. Default: - the Lambda is not deployed in a VPC

  • vpc_subnets (Union[SubnetSelection, Dict[str, Any], None]) – The type of subnets in the VPC where the Lambda rotation function will run. Default: - the Vpc default strategy if not specified.

  • master_secret (ISecret) – The master secret for a multi user rotation scheme.

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk import aws_ec2 as ec2
from aws_cdk import aws_secretsmanager as secretsmanager

# secret: secretsmanager.Secret
# security_group: ec2.SecurityGroup
# subnet: ec2.Subnet
# subnet_filter: ec2.SubnetFilter
# vpc: ec2.Vpc

multi_user_hosted_rotation_options = secretsmanager.MultiUserHostedRotationOptions(
    master_secret=secret,

    # the properties below are optional
    exclude_characters="excludeCharacters",
    function_name="functionName",
    security_groups=[security_group],
    vpc=vpc,
    vpc_subnets=ec2.SubnetSelection(
        availability_zones=["availabilityZones"],
        one_per_az=False,
        subnet_filters=[subnet_filter],
        subnet_group_name="subnetGroupName",
        subnets=[subnet],
        subnet_type=ec2.SubnetType.PRIVATE_ISOLATED
    )
)

Attributes

exclude_characters

A string of the characters that you don’t want in the password.

Default:

the same exclude characters as the ones used for the secret or “ %+~`#$&*()|[]{}:;<>?!’/@”"

function_name

A name for the Lambda created to rotate the secret.

Default:
  • a CloudFormation generated name

master_secret

The master secret for a multi user rotation scheme.

security_groups

A list of security groups for the Lambda created to rotate the secret.

Default:
  • a new security group is created

vpc

The VPC where the Lambda rotation function will run.

Default:
  • the Lambda is not deployed in a VPC

vpc_subnets

The type of subnets in the VPC where the Lambda rotation function will run.

Default:
  • the Vpc default strategy if not specified.