Skip to content

(aws-rds): SnapshotCredentials does not accept imported ISecret type #19409

New issue
New issue
Closed
#19639
Closed
(aws-rds): SnapshotCredentials does not accept imported ISecret type#19409
#19639
Labels
@aws-cdk/aws-rdsRelated to Amazon Relational DatabasebugThis issue is a bug.effort/smallSmall work item – less than a day of effortin-progressThis issue is being actively worked on.p1
@revmischa

Description

@revmischa
revmischa
opened on Mar 15, 2022

What is the problem?

Any way to import an existing DB secret and use it with an RDS ServerlessCluster?
If I use secretsmanager.Secret.fromSecretNameV2() it returns an ISecret but SnapshotCredentials.fromSecret(secret) wants a Secret

Seems like I can't import a secret and use it as credentials for a DB created from snapshot.

I did this:

          const dbSecret = SnapshotCredentials.fromGeneratedSecret("postgres");
          db = new DatabaseFromSnapshot(this, "DB", {
            ...dbProps,
            engine: DatabaseClusterEngine.AURORA_POSTGRESQL,
            snapshotIdentifier: dbSnapshotName,
            credentials: dbSecret,
          });

And it seems like it generates a new password for me at random times when I deploy. Not really what I want at all.

Reproduction Steps

See above code

What did you expect to happen?

Be able to use an existing secret with a DB from snapshot.

What actually happened?

image

CDK CLI Version

2.7.0

Framework Version

2.7.0

Node.js Version

14

OS

MacOS

Language

Typescript

Language Version

4.6

Other information

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    @aws-cdk/aws-rdsRelated to Amazon Relational DatabasebugThis issue is a bug.effort/smallSmall work item – less than a day of effortin-progressThis issue is being actively worked on.p1

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions