aws-cdk-lib.aws_rds.CredentialsBaseOptions

interface CredentialsBaseOptions

LanguageType name
.NETAmazon.CDK.AWS.RDS.CredentialsBaseOptions
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsrds#CredentialsBaseOptions
Javasoftware.amazon.awscdk.services.rds.CredentialsBaseOptions
Pythonaws_cdk.aws_rds.CredentialsBaseOptions
TypeScript (source)aws-cdk-lib » aws_rds » CredentialsBaseOptions

Base options for creating Credentials.

Example

declare const vpc: ec2.Vpc;
const engine = rds.DatabaseInstanceEngine.postgres({ version: rds.PostgresEngineVersion.VER_15_2 });
const myKey = new kms.Key(this, 'MyKey');

new rds.DatabaseInstance(this, 'InstanceWithCustomizedSecret', {
  engine,
  vpc,
  credentials: rds.Credentials.fromGeneratedSecret('postgres', {
    secretName: 'my-cool-name',
    encryptionKey: myKey,
    excludeCharacters: '!&*^#@()',
    replicaRegions: [{ region: 'eu-west-1' }, { region: 'eu-west-2' }],
  }),
});

Properties

NameTypeDescription
encryptionKey?IKeyKMS encryption key to encrypt the generated secret.
excludeCharacters?stringThe characters to exclude from the generated password.
replicaRegions?ReplicaRegion[]A list of regions where to replicate this secret.
secretName?stringThe name of the secret.

encryptionKey?

Type: IKey (optional, default: default master key)

KMS encryption key to encrypt the generated secret.


excludeCharacters?

Type: string (optional, default: the DatabaseSecret default exclude character set (" %+~`#$&()|[]{}:;<>?!'/@"\"))*

The characters to exclude from the generated password.

Has no effect if password has been provided.


replicaRegions?

Type: ReplicaRegion[] (optional, default: Secret is not replicated)

A list of regions where to replicate this secret.


secretName?

Type: string (optional, default: A name is generated by CloudFormation.)

The name of the secret.