有没有办法在通过cdk制作RDS时设置默认密码
Is there a way to set the default password while making RDS by cdk
我用 cdk 的脚本制作了 RDS。
它使用户 myname 成为管理员,但是我在哪里可以获得密码?
还有,有没有办法通过脚本设置默认密码?
const dbInstance = new rds.DatabaseInstance(this, 'Instance', {
engine: rds.DatabaseInstanceEngine.mysql({
version: rds.MysqlEngineVersion.VER_8_0_19,
}),
vpc,
instanceIdentifier:`st-${targetEnv}-rds`,
vpcSubnets: {
subnetType: ec2.SubnetType.PUBLIC,
},
instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO),
publiclyAccessible: true,
removalPolicy: cdk.RemovalPolicy.DESTROY,
databaseName:`stybot${targetEnv}`,
credentials: rds.Credentials.fromGeneratedSecret('myname')
});
在您的示例代码中,当您使用:
credentials: rds.Credentials.fromGeneratedSecret('myname')
CDK 会自动创建一个 AWS Secrets Manager secret and store it there. You can view the password generated by retrieving the secret.
如果您想指定自己的密码,可以使用 Credentials.fromPassword. The documentation recommends not to have the password directly exposed in your CDK code for security reasons. You can also use Credentials.fromSecret 从您单独创建的 AWS Secrets Manager 密钥中读取值。
我用 cdk 的脚本制作了 RDS。
它使用户 myname 成为管理员,但是我在哪里可以获得密码?
还有,有没有办法通过脚本设置默认密码?
const dbInstance = new rds.DatabaseInstance(this, 'Instance', {
engine: rds.DatabaseInstanceEngine.mysql({
version: rds.MysqlEngineVersion.VER_8_0_19,
}),
vpc,
instanceIdentifier:`st-${targetEnv}-rds`,
vpcSubnets: {
subnetType: ec2.SubnetType.PUBLIC,
},
instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO),
publiclyAccessible: true,
removalPolicy: cdk.RemovalPolicy.DESTROY,
databaseName:`stybot${targetEnv}`,
credentials: rds.Credentials.fromGeneratedSecret('myname')
});
在您的示例代码中,当您使用:
credentials: rds.Credentials.fromGeneratedSecret('myname')
CDK 会自动创建一个 AWS Secrets Manager secret and store it there. You can view the password generated by retrieving the secret.
如果您想指定自己的密码,可以使用 Credentials.fromPassword. The documentation recommends not to have the password directly exposed in your CDK code for security reasons. You can also use Credentials.fromSecret 从您单独创建的 AWS Secrets Manager 密钥中读取值。