AWS Secrets Manager rotation function templates
For Rotation by Lambda function, Secrets Manager provides a number of rotation function templates. To use the templates, see:
The templates support Python 3.9.
To write your own rotation function, see Write a rotation function.
Templates
- Amazon RDS and Amazon Aurora
- Amazon RDS Db2 single user
- Amazon RDS Db2 alternating users
- Amazon RDS MariaDB single user
- Amazon RDS MariaDB alternating users
- Amazon RDS and Amazon Aurora MySQL single user
- Amazon RDS and Amazon Aurora MySQL alternating users
- Amazon RDS Oracle single user
- Amazon RDS Oracle alternating users
- Amazon RDS and Amazon Aurora PostgreSQL single user
- Amazon RDS and Amazon Aurora PostgreSQL alternating users
- Amazon RDS Microsoft SQLServer single user
- Amazon RDS Microsoft SQLServer alternating users
- Amazon DocumentDB (with MongoDB compatibility)
- Amazon Redshift
- Amazon ElastiCache
- Other types of secrets
Amazon RDS and Amazon Aurora
Amazon RDS Db2 single user
-
Template name: SecretsManagerRDSDb2RotationSingleUser
-
Rotation strategy: Rotation strategy: single user.
-
SecretStringstructure: Amazon RDS Db2 secret structure. -
Dependency: python-ibmdb
Amazon RDS Db2 alternating users
-
Template name: SecretsManagerRDSDb2RotationMultiUser
-
Rotation strategy: Rotation strategy: alternating users.
-
SecretStringstructure: Amazon RDS Db2 secret structure. -
Dependency: python-ibmdb
Amazon RDS MariaDB single user
-
Template name: SecretsManagerRDSMariaDBRotationSingleUser
-
Rotation strategy: Rotation strategy: single user.
-
SecretStringstructure: Amazon RDS MariaDB secret structure. -
Dependency: PyMySQL 1.0.2
Amazon RDS MariaDB alternating users
-
Template name: SecretsManagerRDSMariaDBRotationMultiUser
-
Rotation strategy: Rotation strategy: alternating users.
-
SecretStringstructure: Amazon RDS MariaDB secret structure. -
Dependency: PyMySQL 1.0.2
Amazon RDS and Amazon Aurora MySQL single user
-
Template name: SecretsManagerRDSMySQLRotationSingleUser
-
Rotation strategy: Rotation strategy: single user.
-
Expected
SecretStringstructure: Amazon RDS and Amazon Aurora MySQL secret structure. -
Dependency: PyMySQL 1.0.2
Amazon RDS and Amazon Aurora MySQL alternating users
-
Template name: SecretsManagerRDSMySQLRotationMultiUser
-
Rotation strategy: Rotation strategy: alternating users.
-
Expected
SecretStringstructure: Amazon RDS and Amazon Aurora MySQL secret structure. -
Dependency: PyMySQL 1.0.2
Amazon RDS Oracle single user
-
Template name: SecretsManagerRDSOracleRotationSingleUser
-
Rotation strategy: Rotation strategy: single user.
-
Expected
SecretStringstructure: Amazon RDS Oracle secret structure. -
Dependency: python-oracledb 2.0.1
Amazon RDS Oracle alternating users
-
Template name: SecretsManagerRDSOracleRotationMultiUser
-
Rotation strategy: Rotation strategy: alternating users.
-
Expected
SecretStringstructure: Amazon RDS Oracle secret structure. -
Dependency: python-oracledb 2.0.1
Amazon RDS and Amazon Aurora PostgreSQL single user
-
Template name: SecretsManagerRDSPostgreSQLRotationSingleUser
-
Rotation strategy: Rotation strategy: single user.
-
Expected
SecretStringstructure: Amazon RDS and Amazon Aurora PostgreSQL secret structure. -
Dependency: PyGreSQL 5.0.7
Amazon RDS and Amazon Aurora PostgreSQL alternating users
-
Template name: SecretsManagerRDSPostgreSQLRotationMultiUser
-
Rotation strategy: Rotation strategy: alternating users.
-
Expected
SecretStringstructure: Amazon RDS and Amazon Aurora PostgreSQL secret structure. -
Dependency: PyGreSQL 5.0.7
Amazon RDS Microsoft SQLServer single user
-
Template name: SecretsManagerRDSSQLServerRotationSingleUser
-
Rotation strategy: Rotation strategy: single user.
-
Expected
SecretStringstructure: Amazon RDS Microsoft SQLServer secret structure. -
Dependency: Pymssql 2.2.2
Amazon RDS Microsoft SQLServer alternating users
-
Template name: SecretsManagerRDSSQLServerRotationMultiUser
-
Rotation strategy: Rotation strategy: alternating users.
-
Expected
SecretStringstructure: Amazon RDS Microsoft SQLServer secret structure. -
Dependency: Pymssql 2.2.2
Amazon DocumentDB (with MongoDB compatibility)
Amazon DocumentDB single user
-
Template name: SecretsManagerMongoDBRotationSingleUser
-
Rotation strategy: Rotation strategy: single user.
-
Expected
SecretStringstructure: Amazon DocumentDB secret structure. -
Dependency: Pymongo 3.2
Amazon DocumentDB alternating users
-
Template name: SecretsManagerMongoDBRotationMultiUser
-
Rotation strategy: Rotation strategy: alternating users.
-
Expected
SecretStringstructure: Amazon DocumentDB secret structure. -
Dependency: Pymongo 3.2
Amazon Redshift
Amazon Redshift single user
-
Template name: SecretsManagerRedshiftRotationSingleUser
-
Rotation strategy: Rotation strategy: single user.
-
Expected
SecretStringstructure: Amazon Redshift secret structure or Amazon Redshift Serverless secret structure. -
Dependency: PyGreSQL 5.0.7
Amazon Redshift alternating users
-
Template name: SecretsManagerRedshiftRotationMultiUser
-
Rotation strategy: Rotation strategy: alternating users.
-
Expected
SecretStringstructure: Amazon Redshift secret structure or Amazon Redshift Serverless secret structure. -
Dependency: PyGreSQL 5.0.7
Amazon ElastiCache
To use this template, see Automatically rotating passwords for users in the Amazon ElastiCache User Guide.
-
Template name: SecretsManagerElasticacheUserRotation
-
Expected
SecretStringstructure: Amazon ElastiCache secret structure.
Other types of secrets
Secrets Manager provides this template as a starting point for you to create a rotation function for any type of secret.
-
Template name: SecretsManagerRotationTemplate
