-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[rds]: ability to specify the name for the automatically generated master password in AWS Secrets Manager #13746
Comments
Hey @sunshineo , thanks for opening the issue. The issue you linked to was closed, because the PR adding that feature was merged (#13626), although not yet released. Does #13626 cover what you need, or are you looking for something else? Thanks, |
This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled. |
@skinny85 #13626 does not cover what we need. It does not cover what #8984 ask for. #8984 should not have been closed by #13626 One more time: The name of that secret is auto-generated as well, we want to be able to specify that name |
@sunshineo can you show what code you are using for creating the Cluster? |
const vpc = new ec2.Vpc(stack, 'VPC');
const cluster = new rds.DatabaseCluster(stack, 'Database', {
engine: rds.DatabaseClusterEngine.auroraMysql({ version: rds.AuroraMysqlEngineVersion.VER_2_08_1 }),
instances: 3,
instanceProps: {
vpcSubnets: {
subnetType: ec2.SubnetType.PUBLIC,
},
vpc,
},
})
cluster.connections.allowFromAnyIpv4(
new ec2.Port({
stringRepresentation: '3306',
protocol: ec2.Protocol.TCP,
fromPort: 3306,
toPort: 3306
}),
'Open to everyone')
// We cannot control the name of the rds secret yet
// This is a workaround to save the secret full arn with a fixed name
new ssm.StringParameter(stack, 'temporal-rds-secret-full-arn', {
description: 'The name of the secret for the rds',
// This will be the name used by cdk8s project to setup temporal
parameterName: 'temporal-rds-secret-full-arn',
stringValue: cluster.secret?.secretFullArn || 'nosecret',
simpleName: true,
}) |
So, using #13626 , you can now do: const cluster = new rds.DatabaseCluster(this, 'Database', {
// other properties same as above...
credentials: rds.Credentials.fromUsername('admin', {
secretName: 'my-secret-name',
}),
}); Which I believe solves your problem? Or does it not? |
@skinny85 It works. Thank you very much! I guess I did not understand the merge request. However I do get a deprecated warning on |
I should use |
|
Shit, adding this will destroy the old db and create a new one |
|
This was requested in #8984 . But the issue was closed. I looked at the merge request, it seems to provide a way to specify the secret name when attach new secret to the RDS. But what we would prefer is set the name for the auto generated master password that saved in AWS Secrets Manager
@CONJAUMCGCG @hedrall
The text was updated successfully, but these errors were encountered: