Open sushdesh opened 1 year ago
@sushdesh thanks for the report. The new SecretsManager integration is now fully supported in RDS CloudFormation. Please refer to the corresponding CFN documentation:
The documentation page you shared above is yet being updated.
Could we have some additional details on what the expected behavior is when restoring a DB instance/cluster from a snapshot that had ManageMasterUserPassword: true
?
Here's what I've noticed:
Scenario A) I restore a DBCluster that originally had ManageMasterUserPassword: true
and I include ManageMasterUserPassword: true
in the restored DBCluster template. This results in Cfn throwing
Resource handler returned message: "null" (RequestToken: 995487fe-1699-334c-99d2-5e27cea9d8a6, HandlerErrorCode: InternalFailure)
Scenario B) I restore a DBCluster that originally had ManageMasterUserPassword: true
and I do not include theManageMasterUserPassword
prop in the restored DBCluster template. This deploys successfully however the secret is not recreated. I am able to login to the database using the same password that was generated for the original cluster.
Name of the resource
AWS::RDS::DBInstance
Resource name
No response
Description
AWS RDS has added support for Password management with Amazon RDS and AWS Secrets Manager
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html
Customers who use CloudFormation cannot leverage this functionality as its not supported.
Other Details
No response