Interface DatabaseSecretProps
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
DatabaseSecretProps.Jsii$Proxy
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
date="2023-06-19T16:30:49.173Z")
@Stability(Stable)
public interface DatabaseSecretProps
extends software.amazon.jsii.JsiiSerializable
Construction properties for a DatabaseSecret.
Example:
DatabaseInstance instance; DatabaseSecret myUserSecret = DatabaseSecret.Builder.create(this, "MyUserSecret") .username("myuser") .secretName("my-user-secret") // optional, defaults to a CloudFormation-generated name .masterSecret(instance.getSecret()) .excludeCharacters("{}[]()'\"/\\") .build(); ISecret myUserSecretAttached = myUserSecret.attach(instance); // Adds DB connections information in the secret instance.addRotationMultiUser("MyUser", RotationMultiUserOptions.builder() // Add rotation using the multi user scheme .secret(myUserSecretAttached).build());
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic final class
A builder forDatabaseSecretProps
static final class
An implementation forDatabaseSecretProps
-
Method Summary
Modifier and TypeMethodDescriptionstatic DatabaseSecretProps.Builder
builder()
default IKey
The KMS key to use to encrypt the secret.default String
Characters to not include in the generated password.default ISecret
The master secret which will be used to rotate this secret.default Boolean
Whether to replace this secret when the criteria for the password change.default List<ReplicaRegion>
A list of regions where to replicate this secret.default String
A name for the secret.The username.Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getUsername
The username. -
getEncryptionKey
The KMS key to use to encrypt the secret.Default: default master key
-
getExcludeCharacters
Characters to not include in the generated password.Default: " %+~`#$&*()|[]{}:;<>?!'/
-
getMasterSecret
The master secret which will be used to rotate this secret.Default: - no master secret information will be included
-
getReplaceOnPasswordCriteriaChanges
Whether to replace this secret when the criteria for the password change.This is achieved by overriding the logical id of the AWS::SecretsManager::Secret with a hash of the options that influence the password generation. This way a new secret will be created when the password is regenerated and the cluster or instance consuming this secret will have its credentials updated.
Default: false
-
getReplicaRegions
A list of regions where to replicate this secret.Default: - Secret is not replicated
-
getSecretName
A name for the secret.Default: - A name is generated by CloudFormation.
-
builder
- Returns:
- a
DatabaseSecretProps.Builder
ofDatabaseSecretProps
-