aws-cdk-lib.aws_rds.SnapshotCredentialsFromGeneratedPasswordOptions

interface SnapshotCredentialsFromGeneratedPasswordOptions

LanguageType name
.NETAmazon.CDK.AWS.RDS.SnapshotCredentialsFromGeneratedPasswordOptions
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsrds#SnapshotCredentialsFromGeneratedPasswordOptions
Javasoftware.amazon.awscdk.services.rds.SnapshotCredentialsFromGeneratedPasswordOptions
Pythonaws_cdk.aws_rds.SnapshotCredentialsFromGeneratedPasswordOptions
TypeScript (source)aws-cdk-lib » aws_rds » SnapshotCredentialsFromGeneratedPasswordOptions

Options used in the SnapshotCredentials.fromGeneratedPassword method.

Example

declare const vpc: ec2.Vpc;
const engine = rds.DatabaseInstanceEngine.postgres({ version: rds.PostgresEngineVersion.VER_15_2 });
const myKey = new kms.Key(this, 'MyKey');

new rds.DatabaseInstanceFromSnapshot(this, 'InstanceFromSnapshotWithCustomizedSecret', {
  engine,
  vpc,
  snapshotIdentifier: 'mySnapshot',
  credentials: rds.SnapshotCredentials.fromGeneratedSecret('username', {
    encryptionKey: myKey,
    excludeCharacters: '!&*^#@()',
    replicaRegions: [{ region: 'eu-west-1' }, { region: 'eu-west-2' }],
  }),
});

Properties

NameTypeDescription
encryptionKey?IKeyKMS encryption key to encrypt the generated secret.
excludeCharacters?stringThe characters to exclude from the generated password.
replicaRegions?ReplicaRegion[]A list of regions where to replicate this secret.

encryptionKey?

Type: IKey (optional, default: default master key)

KMS encryption key to encrypt the generated secret.


excludeCharacters?

Type: string (optional, default: the DatabaseSecret default exclude character set (" %+~`#$&()|[]{}:;<>?!'/@"\"))*

The characters to exclude from the generated password.


replicaRegions?

Type: ReplicaRegion[] (optional, default: Secret is not replicated)

A list of regions where to replicate this secret.