Class: AWSCDK::RDS::SnapshotCredentials
- Inherits:
-
Jsii::Object
- Object
- Jsii::Object
- AWSCDK::RDS::SnapshotCredentials
- Defined in:
- rds/snapshot_credentials.rb
Overview
Credentials to update the password for a DatabaseInstanceFromSnapshot.
Class Method Summary collapse
-
.from_generated_password(username, options = nil) ⇒ AWSCDK::RDS::SnapshotCredentials
Generate a new password for the snapshot, using the existing username and an optional encryption key.
-
.from_generated_secret(username, options = nil) ⇒ AWSCDK::RDS::SnapshotCredentials
Generate a new password for the snapshot, using the existing username and an optional encryption key.
-
.from_password(password) ⇒ AWSCDK::RDS::SnapshotCredentials
Update the snapshot login with an existing password.
-
.from_secret(secret) ⇒ AWSCDK::RDS::SnapshotCredentials
Update the snapshot login with an existing password from a Secret.
- .jsii_overridable_methods ⇒ Object
Instance Method Summary collapse
-
#encryption_key ⇒ AWSCDK::KMS::IKey?
KMS encryption key to encrypt the generated secret.
-
#exclude_characters ⇒ String?
The characters to exclude from the generated password.
-
#generate_password ⇒ Boolean
Whether a new password should be generated.
-
#initialize ⇒ SnapshotCredentials
constructor
A new instance of SnapshotCredentials.
-
#password ⇒ AWSCDK::SecretValue?
The master user password.
-
#replace_on_password_criteria_changes ⇒ Boolean?
Whether to replace the generated secret when the criteria for the password change.
-
#replica_regions ⇒ Array<AWSCDK::SecretsManager::ReplicaRegion>?
A list of regions where to replicate the generated secret.
-
#secret ⇒ AWSCDK::SecretsManager::ISecret?
Secret used to instantiate this Login.
-
#username ⇒ String?
The master user name.
Constructor Details
#initialize ⇒ SnapshotCredentials
Returns a new instance of SnapshotCredentials.
8 9 10 |
# File 'rds/snapshot_credentials.rb', line 8 def initialize Jsii::Object.instance_method(:initialize).bind(self).call end |
Class Method Details
.from_generated_password(username, options = nil) ⇒ AWSCDK::RDS::SnapshotCredentials
Generate a new password for the snapshot, using the existing username and an optional encryption key.
Note - The username must match the existing master username of the snapshot.
NOTE: use from_generated_secret() for new Clusters and Instances. Switching from
from_generated_password() to from_generated_secret() for already deployed Clusters
or Instances will update their master password.
36 37 38 39 40 41 |
# File 'rds/snapshot_credentials.rb', line 36 def self.from_generated_password(username, = nil) Jsii::Type.check_type(username, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "username") = .is_a?(Hash) ? ::AWSCDK::RDS::SnapshotCredentialsFromGeneratedPasswordOptions.new(**.transform_keys(&:to_sym)) : Jsii::Type.check_type(, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfcmRzLlNuYXBzaG90Q3JlZGVudGlhbHNGcm9tR2VuZXJhdGVkUGFzc3dvcmRPcHRpb25zIn0=")), "options") unless .nil? Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_rds.SnapshotCredentials", "fromGeneratedPassword", [username, ]) end |
.from_generated_secret(username, options = nil) ⇒ AWSCDK::RDS::SnapshotCredentials
Generate a new password for the snapshot, using the existing username and an optional encryption key.
The new credentials are stored in Secrets Manager.
Note - The username must match the existing master username of the snapshot.
52 53 54 55 56 57 |
# File 'rds/snapshot_credentials.rb', line 52 def self.from_generated_secret(username, = nil) Jsii::Type.check_type(username, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "username") = .is_a?(Hash) ? ::AWSCDK::RDS::SnapshotCredentialsFromGeneratedPasswordOptions.new(**.transform_keys(&:to_sym)) : Jsii::Type.check_type(, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfcmRzLlNuYXBzaG90Q3JlZGVudGlhbHNGcm9tR2VuZXJhdGVkUGFzc3dvcmRPcHRpb25zIn0=")), "options") unless .nil? Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_rds.SnapshotCredentials", "fromGeneratedSecret", [username, ]) end |
.from_password(password) ⇒ AWSCDK::RDS::SnapshotCredentials
Update the snapshot login with an existing password.
63 64 65 66 |
# File 'rds/snapshot_credentials.rb', line 63 def self.from_password(password) Jsii::Type.check_type(password, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5TZWNyZXRWYWx1ZSJ9")), "password") Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_rds.SnapshotCredentials", "fromPassword", [password]) end |
.from_secret(secret) ⇒ AWSCDK::RDS::SnapshotCredentials
Update the snapshot login with an existing password from a Secret.
The Secret must be a JSON string with a password field:
{
...
"password": <required: password>,
}
81 82 83 84 |
# File 'rds/snapshot_credentials.rb', line 81 def self.from_secret(secret) Jsii::Type.check_type(secret, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3Nfc2VjcmV0c21hbmFnZXIuSVNlY3JldCJ9")), "secret") Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_rds.SnapshotCredentials", "fromSecret", [secret]) end |
.jsii_overridable_methods ⇒ Object
12 13 14 15 16 17 18 19 20 21 22 23 |
# File 'rds/snapshot_credentials.rb', line 12 def self.jsii_overridable_methods { :generate_password => { kind: :property, name: "generatePassword", is_optional: false }, :encryption_key => { kind: :property, name: "encryptionKey", is_optional: true }, :exclude_characters => { kind: :property, name: "excludeCharacters", is_optional: true }, :password => { kind: :property, name: "password", is_optional: true }, :replace_on_password_criteria_changes => { kind: :property, name: "replaceOnPasswordCriteriaChanges", is_optional: true }, :replica_regions => { kind: :property, name: "replicaRegions", is_optional: true }, :secret => { kind: :property, name: "secret", is_optional: true }, :username => { kind: :property, name: "username", is_optional: true }, } end |
Instance Method Details
#encryption_key ⇒ AWSCDK::KMS::IKey?
Default: - default master key
KMS encryption key to encrypt the generated secret.
97 98 99 |
# File 'rds/snapshot_credentials.rb', line 97 def encryption_key() jsii_get_property("encryptionKey") end |
#exclude_characters ⇒ String?
Default: - the DatabaseSecret default exclude character set (" %+~`#$&*()|[]{}:;<>?!'/@\"\")
The characters to exclude from the generated password.
Only used if generate_password if true.
107 108 109 |
# File 'rds/snapshot_credentials.rb', line 107 def exclude_characters() jsii_get_property("excludeCharacters") end |
#generate_password ⇒ Boolean
Whether a new password should be generated.
89 90 91 |
# File 'rds/snapshot_credentials.rb', line 89 def generate_password() jsii_get_property("generatePassword") end |
#password ⇒ AWSCDK::SecretValue?
Default: - the existing password from the snapshot
The master user password.
Do not put passwords in your CDK code directly.
117 118 119 |
# File 'rds/snapshot_credentials.rb', line 117 def password() jsii_get_property("password") end |
#replace_on_password_criteria_changes ⇒ Boolean?
Default: false
Whether to replace the generated secret when the criteria for the password change.
125 126 127 |
# File 'rds/snapshot_credentials.rb', line 125 def replace_on_password_criteria_changes() jsii_get_property("replaceOnPasswordCriteriaChanges") end |
#replica_regions ⇒ Array<AWSCDK::SecretsManager::ReplicaRegion>?
Default: - Secret is not replicated
A list of regions where to replicate the generated secret.
133 134 135 |
# File 'rds/snapshot_credentials.rb', line 133 def replica_regions() jsii_get_property("replicaRegions") end |
#secret ⇒ AWSCDK::SecretsManager::ISecret?
Default: - none
Secret used to instantiate this Login.
141 142 143 |
# File 'rds/snapshot_credentials.rb', line 141 def secret() jsii_get_property("secret") end |
#username ⇒ String?
Default: - the existing username from the snapshot
The master user name.
Must be the current master user name of the snapshot. It is not possible to change the master user name of a RDS instance.
152 153 154 |
# File 'rds/snapshot_credentials.rb', line 152 def username() jsii_get_property("username") end |