L2 Construct

DatabaseSecret

A database secret.

Import

import { DatabaseSecret } from 'aws-cdk-lib/aws-rds';

Or use the module namespace:

import * as rds from 'aws-cdk-lib/aws-rds';
// rds.DatabaseSecret

Properties

Configuration passed to the constructor as DatabaseSecretProps.

usernameRequired

string

The username.

dbnameOptional

string

The database name, if not using the default one.

Default: - whatever the secret generates after the attach method is run

encryptionKeyOptional

IKey

The KMS key to use to encrypt the secret.

Default: default master key

excludeCharactersOptional

string

Characters to not include in the generated password.

Default: " %+~`#$&*()|[]{}:;<>?!'/@\"\\"

masterSecretOptional

ISecret

The master secret which will be used to rotate this secret.

Default: - no master secret information will be included

replaceOnPasswordCriteriaChangesOptional

boolean

Whether to replace this secret when the criteria for the password change. This is achieved by overriding the logical id of the AWS::SecretsManager::Secret with a hash of the options that influence the password generation. This way a new secret will be created when the password is regenerated and the cluster or instance consuming this secret will have its credentials updated.

Default: false

replicaRegionsOptional

ReplicaRegion[]

A list of regions where to replicate this secret.

Default: - Secret is not replicated

secretNameOptional

string

A name for the secret.

Default: - A name is generated by CloudFormation.

Get the Amazon RDS Cheat Sheet

Everything you need to know about Amazon RDS on one page. HD quality, print-friendly.

Download Free Infographic

Quick Facts

LevelL2 (Higher-level)

Moduleaws-rds

Properties8

Related Constructs

Explore This Service

External Links

CDK API Documentation