package awsrds
import (
"github.com/aws/aws-cdk-go/awscdk/v2"
"github.com/aws/aws-cdk-go/awscdk/v2/awsec2"
)
// CommonRotationUserOptions holds the properties common to single-user and
// multi-user rotation options.
//
// Every field is tagged `field:"optional"`; a field left unset takes the
// default documented on it. The fields control how often the secret is
// rotated, which characters generated passwords may not contain, and where the
// rotation Lambda function runs on the network.
//
// Example:
// // The code below shows an example of how to instantiate this type.
// // The values are placeholders you should change.
// import cdk "github.com/aws/aws-cdk-go/awscdk"
// import "github.com/aws/aws-cdk-go/awscdk"
// import "github.com/aws/aws-cdk-go/awscdk"
//
// var interfaceVpcEndpoint interfaceVpcEndpoint
// var securityGroup securityGroup
// var subnet subnet
// var subnetFilter subnetFilter
//
// commonRotationUserOptions := &CommonRotationUserOptions{
// AutomaticallyAfter: cdk.Duration_Minutes(jsii.Number(30)),
// Endpoint: interfaceVpcEndpoint,
// ExcludeCharacters: jsii.String("excludeCharacters"),
// RotateImmediatelyOnUpdate: jsii.Boolean(false),
// SecurityGroup: securityGroup,
// VpcSubnets: &SubnetSelection{
// AvailabilityZones: []*string{
// jsii.String("availabilityZones"),
// },
// OnePerAz: jsii.Boolean(false),
// SubnetFilters: []*subnetFilter{
// subnetFilter,
// },
// SubnetGroupName: jsii.String("subnetGroupName"),
// Subnets: []iSubnet{
// subnet,
// },
// SubnetType: awscdk.Aws_ec2.SubnetType_PRIVATE_ISOLATED,
// },
// }
//
type CommonRotationUserOptions struct {
// Specifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation.
//
// The field is an awscdk.Duration, so the caller picks the unit; the 30-minute
// value in the example above is a placeholder, not a recommended interval.
// NOTE(review): Secrets Manager may enforce a minimum and maximum rotation
// interval — confirm before relying on very short or very long values.
// Default: - 30 days.
//
AutomaticallyAfter awscdk.Duration `field:"optional" json:"automaticallyAfter" yaml:"automaticallyAfter"`
// The VPC interface endpoint to use for the Secrets Manager API.
//
// If you enable private DNS hostnames for your VPC private endpoint (the default), you don't
// need to specify an endpoint. The standard Secrets Manager DNS hostname the Secrets Manager
// CLI and SDKs use by default (https://secretsmanager.<region>.amazonaws.com) automatically
// resolves to your VPC endpoint.
// Default: https://secretsmanager.<region>.amazonaws.com
//
Endpoint awsec2.IInterfaceVpcEndpoint `field:"optional" json:"endpoint" yaml:"endpoint"`
// Specifies characters to not include in generated passwords.
//
// Every excluded character shrinks the alphabet that generated passwords are
// drawn from, so exclude only what the consuming clients or connection strings
// cannot handle.
// NOTE(review): a value set here presumably replaces the default set below
// rather than extending it — confirm against the construct implementation.
// Default: " %+~`#$&*()|[]{}:;<>?!'/@\"\\"
//
ExcludeCharacters *string `field:"optional" json:"excludeCharacters" yaml:"excludeCharacters"`
// Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window.
//
// With false, rotation is deferred to the next scheduled rotation window.
// Default: true.
//
RotateImmediatelyOnUpdate *bool `field:"optional" json:"rotateImmediatelyOnUpdate" yaml:"rotateImmediatelyOnUpdate"`
// The security group for the Lambda rotation function.
//
// NOTE(review): a caller-supplied group presumably has to let the rotation
// function reach the database and the Secrets Manager API — verify, and keep
// those rules as narrow as the rotation function needs.
// Default: - a new security group is created.
//
SecurityGroup awsec2.ISecurityGroup `field:"optional" json:"securityGroup" yaml:"securityGroup"`
// Where to place the rotation Lambda function.
//
// NOTE(review): the selected subnets presumably need a network path to both the
// database and the Secrets Manager API; with isolated subnets, as in the
// example above, that likely means also setting Endpoint — confirm.
// Default: - same placement as instance or cluster.
//
VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
}