Class: AWSCDK::RDS::Credentials

Inherits:
Jsii::Object
  • Object
show all
Defined in:
rds/credentials.rb

Overview

Username and password combination.

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeCredentials

Returns a new instance of Credentials.



8
9
10
# File 'rds/credentials.rb', line 8

def initialize
  Jsii::Object.instance_method(:initialize).bind(self).call
end

Class Method Details

.from_generated_secret(username, options = nil) ⇒ AWSCDK::RDS::Credentials

Creates Credentials with a password generated and stored in Secrets Manager.

Parameters:

Returns:

  • (AWSCDK::RDS::Credentials)


30
31
32
33
34
35
# File 'rds/credentials.rb', line 30

def self.from_generated_secret(username, options = nil)
  Jsii::Type.check_type(username, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "username")
  options = options.is_a?(Hash) ? ::AWSCDK::RDS::CredentialsBaseOptions.new(**options.transform_keys(&:to_sym)) : options
  Jsii::Type.check_type(options, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfcmRzLkNyZWRlbnRpYWxzQmFzZU9wdGlvbnMifQ==")), "options") unless options.nil?
  Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_rds.Credentials", "fromGeneratedSecret", [username, options])
end

.from_password(username, password) ⇒ AWSCDK::RDS::Credentials

Creates Credentials from a password.

Do not put passwords in your CDK code directly.

Parameters:

Returns:

  • (AWSCDK::RDS::Credentials)


44
45
46
47
48
# File 'rds/credentials.rb', line 44

def self.from_password(username, password)
  Jsii::Type.check_type(username, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "username")
  Jsii::Type.check_type(password, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5TZWNyZXRWYWx1ZSJ9")), "password")
  Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_rds.Credentials", "fromPassword", [username, password])
end

.from_secret(secret, username = nil) ⇒ AWSCDK::RDS::Credentials

Creates Credentials from an existing Secrets Manager Secret (or DatabaseSecret).

The Secret must be a JSON string with a username and password field:

{
  ...
  "username": <required: username>,
  "password": <required: password>,
}

Parameters:

  • secret (AWSCDK::SecretsManager::ISecret)

    The secret where the credentials are stored.

  • username (String, nil) (defaults to: nil)

    The username defined in the secret.

Returns:

  • (AWSCDK::RDS::Credentials)


65
66
67
68
69
# File 'rds/credentials.rb', line 65

def self.from_secret(secret, username = nil)
  Jsii::Type.check_type(secret, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3Nfc2VjcmV0c21hbmFnZXIuSVNlY3JldCJ9")), "secret")
  Jsii::Type.check_type(username, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "username") unless username.nil?
  Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_rds.Credentials", "fromSecret", [secret, username])
end

.from_username(username, options = nil) ⇒ AWSCDK::RDS::Credentials

Creates Credentials for the given username, and optional password and key.

If no password is provided, one will be generated and stored in Secrets Manager.

Parameters:

Returns:

  • (AWSCDK::RDS::Credentials)


78
79
80
81
82
83
# File 'rds/credentials.rb', line 78

def self.from_username(username, options = nil)
  Jsii::Type.check_type(username, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "username")
  options = options.is_a?(Hash) ? ::AWSCDK::RDS::CredentialsFromUsernameOptions.new(**options.transform_keys(&:to_sym)) : options
  Jsii::Type.check_type(options, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfcmRzLkNyZWRlbnRpYWxzRnJvbVVzZXJuYW1lT3B0aW9ucyJ9")), "options") unless options.nil?
  Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_rds.Credentials", "fromUsername", [username, options])
end

.jsii_overridable_methodsObject



12
13
14
15
16
17
18
19
20
21
22
23
# File 'rds/credentials.rb', line 12

def self.jsii_overridable_methods
  {
    :username => { kind: :property, name: "username", is_optional: false },
    :encryption_key => { kind: :property, name: "encryptionKey", is_optional: true },
    :exclude_characters => { kind: :property, name: "excludeCharacters", is_optional: true },
    :password => { kind: :property, name: "password", is_optional: true },
    :replica_regions => { kind: :property, name: "replicaRegions", is_optional: true },
    :secret => { kind: :property, name: "secret", is_optional: true },
    :secret_name => { kind: :property, name: "secretName", is_optional: true },
    :username_as_string => { kind: :property, name: "usernameAsString", is_optional: true },
  }
end

Instance Method Details

#encryption_keyAWSCDK::KMS::IKey?

Note:

Default: - default master key

KMS encryption key to encrypt the generated secret.

Returns:



96
97
98
# File 'rds/credentials.rb', line 96

def encryption_key()
  jsii_get_property("encryptionKey")
end

#exclude_charactersString?

Note:

Default: - the DatabaseSecret default exclude character set (" %+~`#$&*()|[]{}:;<>?!'/@\"\")

The characters to exclude from the generated password.

Only used if password has not been set.

Returns:

  • (String, nil)


106
107
108
# File 'rds/credentials.rb', line 106

def exclude_characters()
  jsii_get_property("excludeCharacters")
end

#passwordAWSCDK::SecretValue?

Note:

Default: - a Secrets Manager generated password

Password.

Do not put passwords in your CDK code directly.

Returns:



116
117
118
# File 'rds/credentials.rb', line 116

def password()
  jsii_get_property("password")
end

#replica_regionsArray<AWSCDK::SecretsManager::ReplicaRegion>?

Note:

Default: - Secret is not replicated

A list of regions where to replicate the generated secret.

Returns:



124
125
126
# File 'rds/credentials.rb', line 124

def replica_regions()
  jsii_get_property("replicaRegions")
end

#secretAWSCDK::SecretsManager::ISecret?

Note:

Default: - none

Secret used to instantiate this Login.



132
133
134
# File 'rds/credentials.rb', line 132

def secret()
  jsii_get_property("secret")
end

#secret_nameString?

Note:

Default: - A name is generated by CloudFormation.

The name to use for the Secret if a new Secret is to be generated in SecretsManager for these Credentials.

Returns:

  • (String, nil)


140
141
142
# File 'rds/credentials.rb', line 140

def secret_name()
  jsii_get_property("secretName")
end

#usernameString

Username.

Returns:

  • (String)


88
89
90
# File 'rds/credentials.rb', line 88

def username()
  jsii_get_property("username")
end

#username_as_stringBoolean?

Note:

Default: false

Whether the username should be referenced as a string and not as a dynamic reference to the username in the secret.

Returns:

  • (Boolean, nil)


148
149
150
# File 'rds/credentials.rb', line 148

def username_as_string()
  jsii_get_property("usernameAsString")
end