Interface DatabaseSecretProps

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Implementing Classes:
DatabaseSecretProps.Jsii$Proxy

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:30:49.173Z") @Stability(Stable) public interface DatabaseSecretProps extends software.amazon.jsii.JsiiSerializable
Construction properties for a DatabaseSecret.

Example:

 DatabaseInstance instance;
 DatabaseSecret myUserSecret = DatabaseSecret.Builder.create(this, "MyUserSecret")
         .username("myuser")
         .secretName("my-user-secret") // optional, defaults to a CloudFormation-generated name
         .masterSecret(instance.getSecret())
         .excludeCharacters("{}[]()'\"/\\")
         .build();
 ISecret myUserSecretAttached = myUserSecret.attach(instance); // Adds DB connections information in the secret
 instance.addRotationMultiUser("MyUser", RotationMultiUserOptions.builder() // Add rotation using the multi user scheme
         .secret(myUserSecretAttached).build());
 
  • Method Details

    • getUsername

      @Stability(Stable) @NotNull String getUsername()
      The username.
    • getEncryptionKey

      @Stability(Stable) @Nullable default IKey getEncryptionKey()
      The KMS key to use to encrypt the secret.

      Default: default master key

    • getExcludeCharacters

      @Stability(Stable) @Nullable default String getExcludeCharacters()
      Characters to not include in the generated password.

      Default: " %+~`#$&*()|[]{}:;<>?!'/

    • getMasterSecret

      @Stability(Stable) @Nullable default ISecret getMasterSecret()
      The master secret which will be used to rotate this secret.

      Default: - no master secret information will be included

    • getReplaceOnPasswordCriteriaChanges

      @Stability(Stable) @Nullable default Boolean getReplaceOnPasswordCriteriaChanges()
      Whether to replace this secret when the criteria for the password change.

      This is achieved by overriding the logical id of the AWS::SecretsManager::Secret with a hash of the options that influence the password generation. This way a new secret will be created when the password is regenerated and the cluster or instance consuming this secret will have its credentials updated.

      Default: false

    • getReplicaRegions

      @Stability(Stable) @Nullable default List<ReplicaRegion> getReplicaRegions()
      A list of regions where to replicate this secret.

      Default: - Secret is not replicated

    • getSecretName

      @Stability(Stable) @Nullable default String getSecretName()
      A name for the secret.

      Default: - A name is generated by CloudFormation.

    • builder

      @Stability(Stable) static DatabaseSecretProps.Builder builder()
      Returns:
      a DatabaseSecretProps.Builder of DatabaseSecretProps