How to create AWS Secrets Manager of “Credentials for RDS Database” type? I did not find an attribute to configure the secret manager type.
A similar query was already posted by a user in the forum and there is no reply from anyone.
I think “Credentials for RDS Database” is really just a JSON string with a specific schema depending on the DB engine. Here’s what I found in the AWS docs.
I created a DB secret in Secrets Manager and here’s the text that I got back.
{
"username":"<username>",
"password":"<password>",
"engine":"postgres",
"host":"<instance host name/resolvable DNS name>",
"port":<TCP port number>,
"dbname":"<database name>",
"dbInstanceIdentifier":"<db instance name>"
}
Yes, that is the structure the AWS database rotation Lambdas use to rotate database credentials. When we create RDS databases in Terraform, we create a secret with this structure (with a random password value) and tell it to ignore changes to the secret string, as the password will be changed outside of Terraform after initial creation.
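
One way to write the approach from the last reply in Terraform (an added example, not any poster's own configuration). The resource labels, the secret name `app/rds/master`, the database and user names, and the instance settings are assumptions.

```hcl
# Added example; "app", "appdb", "app_admin" and "app/rds/master" are hypothetical names.
terraform {
  required_providers {
    aws    = { source = "hashicorp/aws" }
    random = { source = "hashicorp/random" }
  }
}

# Initial password only; rotation replaces it outside Terraform.
resource "random_password" "db" {
  length  = 32
  special = false # avoids characters RDS rejects in master passwords (/, @, ", space)
}

resource "aws_db_instance" "app" {
  identifier          = "app"
  engine              = "postgres"
  instance_class      = "db.t3.micro"
  allocated_storage   = 20
  db_name             = "appdb"
  username            = "app_admin"
  password            = random_password.db.result
  storage_encrypted   = true
  skip_final_snapshot = true # sample setting only
}

resource "aws_secretsmanager_secret" "db" {
  name = "app/rds/master"
}

# There is no "secret type" attribute: the secret is a JSON string whose keys
# match the structure shown above.
resource "aws_secretsmanager_secret_version" "db" {
  secret_id = aws_secretsmanager_secret.db.id
  secret_string = jsonencode({
    username             = aws_db_instance.app.username
    password             = random_password.db.result
    engine               = "postgres"
    host                 = aws_db_instance.app.address
    port                 = aws_db_instance.app.port
    dbname               = aws_db_instance.app.db_name
    dbInstanceIdentifier = aws_db_instance.app.identifier
  })

  lifecycle {
    ignore_changes = [secret_string] # keep Terraform from reverting a rotated password
  }
}
```

The generated initial password is also written to the Terraform state, so the state backend needs access controls as tight as the secret's until the first rotation replaces that value.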