aws-rds: add support for adding secrets to an RDS Proxy #26780
Labels
@aws-cdk/aws-rds
Related to Amazon Relational Database
effort/medium
Medium work item – several days of effort
feature-request
A feature should be added or improved.
p3
Comments
mneirynck
added
feature-request
github-actions
bot
added
the
@aws-cdk/aws-rds
|
This should be possible if we calculate this lazily However this could potentially be a breaking change if people are using escape hatches here, since producing lazy values messes with escape hatches. Could still be something we support, thanks for the request |
peterwoodworth
added
p2
effort/medium
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the feature
I would like to be able to add secrets to an RDS Proxy after the proxy has been created in an easy to use way.
Use Case
We have an RDS stack and have multiple Application stacks that use SSM exported parameters from the RDS Stack.
The RDS Proxy is created in the RDS stack before any application stack exists, so only one secret is known to the proxy at creation time (the one for the proxy itself).
When we create an application stack we would like to get that RDS Proxy and call a addSecret method on it to add the RDS Secret that is created for the application user.
Proposed Solution
The DatabaseProxy could add a method addSecret(ISecret) that adds the secret to the proxy and grants read access from the proxy to the secret.
Other Information
No response
Acknowledgements
CDK version used
2.91.0
Environment details (OS name and version, etc.)
Linux
The text was updated successfully, but these errors were encountered: