aws-cdk-lib.aws_rds.RotationSingleUserOptions

interface RotationSingleUserOptions

LanguageType name
.NETAmazon.CDK.AWS.RDS.RotationSingleUserOptions
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsrds#RotationSingleUserOptions
Javasoftware.amazon.awscdk.services.rds.RotationSingleUserOptions
Pythonaws_cdk.aws_rds.RotationSingleUserOptions
TypeScript (source)aws-cdk-lib » aws_rds » RotationSingleUserOptions

Options to add the multi user rotation.

Example

declare const instance: rds.DatabaseInstance;
declare const myEndpoint: ec2.InterfaceVpcEndpoint;

instance.addRotationSingleUser({
  vpcSubnets: { subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS }, // Place rotation Lambda in private subnets
  endpoint: myEndpoint, // Use VPC interface endpoint
});

Properties

NameTypeDescription
automaticallyAfter?DurationSpecifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation.
endpoint?IInterfaceVpcEndpointThe VPC interface endpoint to use for the Secrets Manager API.
excludeCharacters?stringSpecifies characters to not include in generated passwords.
securityGroup?ISecurityGroupThe security group for the Lambda rotation function.
vpcSubnets?SubnetSelectionWhere to place the rotation Lambda function.

automaticallyAfter?

Type: Duration (optional, default: 30 days)

Specifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation.


endpoint?

Type: IInterfaceVpcEndpoint (optional, default: https://secretsmanager..amazonaws.com)

The VPC interface endpoint to use for the Secrets Manager API.

If you enable private DNS hostnames for your VPC private endpoint (the default), you don't need to specify an endpoint. The standard Secrets Manager DNS hostname the Secrets Manager CLI and SDKs use by default (https://secretsmanager..amazonaws.com) automatically resolves to your VPC endpoint.


excludeCharacters?

Type: string (optional, default: " %+~`#$&()|[]{}:;<>?!'/@"\")*

Specifies characters to not include in generated passwords.


securityGroup?

Type: ISecurityGroup (optional, default: a new security group is created)

The security group for the Lambda rotation function.


vpcSubnets?

Type: SubnetSelection (optional, default: same placement as instance or cluster)

Where to place the rotation Lambda function.