interface CommonRotationUserOptions
Language | Type name |
---|---|
.NET | Amazon.CDK.AWS.RDS.CommonRotationUserOptions |
Go | github.com/aws/aws-cdk-go/awscdk/v2/awsrds#CommonRotationUserOptions |
Java | software.amazon.awscdk.services.rds.CommonRotationUserOptions |
Python | aws_cdk.aws_rds.CommonRotationUserOptions |
TypeScript (source) | aws-cdk-lib » aws_rds » CommonRotationUserOptions |
Properties common to single-user and multi-user rotation options.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import * as cdk from 'aws-cdk-lib';
import { aws_ec2 as ec2 } from 'aws-cdk-lib';
import { aws_rds as rds } from 'aws-cdk-lib';
declare const interfaceVpcEndpoint: ec2.InterfaceVpcEndpoint;
declare const securityGroup: ec2.SecurityGroup;
declare const subnet: ec2.Subnet;
declare const subnetFilter: ec2.SubnetFilter;
const commonRotationUserOptions: rds.CommonRotationUserOptions = {
automaticallyAfter: cdk.Duration.minutes(30),
endpoint: interfaceVpcEndpoint,
excludeCharacters: 'excludeCharacters',
rotateImmediatelyOnUpdate: false,
securityGroup: securityGroup,
vpcSubnets: {
availabilityZones: ['availabilityZones'],
onePerAz: false,
subnetFilters: [subnetFilter],
subnetGroupName: 'subnetGroupName',
subnets: [subnet],
subnetType: ec2.SubnetType.PRIVATE_ISOLATED,
},
};
Properties
Name | Type | Description |
---|---|---|
automatically | Duration | Specifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation. |
endpoint? | IInterface | The VPC interface endpoint to use for the Secrets Manager API. |
exclude | string | Specifies characters to not include in generated passwords. |
rotate | boolean | Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. |
security | ISecurity | The security group for the Lambda rotation function. |
vpc | Subnet | Where to place the rotation Lambda function. |
automaticallyAfter?
Type:
Duration
(optional, default: 30 days)
Specifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation.
endpoint?
Type:
IInterface
(optional, default: https://secretsmanager.
The VPC interface endpoint to use for the Secrets Manager API.
If you enable private DNS hostnames for your VPC private endpoint (the default), you don't need to specify an endpoint. The standard Secrets Manager DNS hostname the Secrets Manager CLI and SDKs use by default (https://secretsmanager.<region>.amazonaws.com) automatically resolves to your VPC endpoint.
excludeCharacters?
Type:
string
(optional, default: " %+~`#$&()|[]{}:;<>?!'/@"\")*
Specifies characters to not include in generated passwords.
rotateImmediatelyOnUpdate?
Type:
boolean
(optional, default: true)
Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window.
securityGroup?
Type:
ISecurity
(optional, default: a new security group is created)
The security group for the Lambda rotation function.
vpcSubnets?
Type:
Subnet
(optional, default: same placement as instance or cluster)
Where to place the rotation Lambda function.