package awsrds import ( "github.com/aws/aws-cdk-go/awscdk/v2/awskms" "github.com/aws/aws-cdk-go/awscdk/v2/awssecretsmanager" ) // Construction properties for a DatabaseSecret. // // Example: // // Build a data source for AppSync to access the database. // var api graphqlApi // // Create username and password secret for DB Cluster // secret := rds.NewDatabaseSecret(this, jsii.String("AuroraSecret"), &DatabaseSecretProps{ // Username: jsii.String("clusteradmin"), // }) // // // The VPC to place the cluster in // vpc := ec2.NewVpc(this, jsii.String("AuroraVpc")) // // // Create the serverless cluster, provide all values needed to customise the database. // cluster := rds.NewServerlessCluster(this, jsii.String("AuroraCluster"), &ServerlessClusterProps{ // Engine: rds.DatabaseClusterEngine_AURORA_MYSQL(), // Vpc: Vpc, // Credentials: map[string]*string{ // "username": jsii.String("clusteradmin"), // }, // ClusterIdentifier: jsii.String("db-endpoint-test"), // DefaultDatabaseName: jsii.String("demos"), // }) // rdsDS := api.AddRdsDataSource(jsii.String("rds"), cluster, secret, jsii.String("demos")) // // // Set up a resolver for an RDS query. // rdsDS.CreateResolver(jsii.String("QueryGetDemosRdsResolver"), &BaseResolverProps{ // TypeName: jsii.String("Query"), // FieldName: jsii.String("getDemosRds"), // RequestMappingTemplate: appsync.MappingTemplate_FromString(jsii.String(` // { // "version": "2018-05-29", // "statements": [ // "SELECT * FROM demos" // ] // } // `)), // ResponseMappingTemplate: appsync.MappingTemplate_*FromString(jsii.String(` // $utils.toJson($utils.rds.toJsonObject($ctx.result)[0]) // `)), // }) // // // Set up a resolver for an RDS mutation. // rdsDS.CreateResolver(jsii.String("MutationAddDemoRdsResolver"), &BaseResolverProps{ // TypeName: jsii.String("Mutation"), // FieldName: jsii.String("addDemoRds"), // RequestMappingTemplate: appsync.MappingTemplate_*FromString(jsii.String(` // { // "version": "2018-05-29", // "statements": [ // "INSERT INTO demos VALUES (:id, :version)", // "SELECT * WHERE id = :id" // ], // "variableMap": { // ":id": $util.toJson($util.autoId()), // ":version": $util.toJson($ctx.args.version) // } // } // `)), // ResponseMappingTemplate: appsync.MappingTemplate_*FromString(jsii.String(` // $utils.toJson($utils.rds.toJsonObject($ctx.result)[1][0]) // `)), // }) // type DatabaseSecretProps struct { // The username. Username *string `field:"required" json:"username" yaml:"username"` // The database name, if not using the default one. Dbname *string `field:"optional" json:"dbname" yaml:"dbname"` // The KMS key to use to encrypt the secret. EncryptionKey awskms.IKey `field:"optional" json:"encryptionKey" yaml:"encryptionKey"` // Characters to not include in the generated password. ExcludeCharacters *string `field:"optional" json:"excludeCharacters" yaml:"excludeCharacters"` // The master secret which will be used to rotate this secret. MasterSecret awssecretsmanager.ISecret `field:"optional" json:"masterSecret" yaml:"masterSecret"` // Whether to replace this secret when the criteria for the password change. // // This is achieved by overriding the logical id of the AWS::SecretsManager::Secret // with a hash of the options that influence the password generation. This // way a new secret will be created when the password is regenerated and the // cluster or instance consuming this secret will have its credentials updated. ReplaceOnPasswordCriteriaChanges *bool `field:"optional" json:"replaceOnPasswordCriteriaChanges" yaml:"replaceOnPasswordCriteriaChanges"` // A list of regions where to replicate this secret. ReplicaRegions *[]*awssecretsmanager.ReplicaRegion `field:"optional" json:"replicaRegions" yaml:"replicaRegions"` // A name for the secret. SecretName *string `field:"optional" json:"secretName" yaml:"secretName"` }