Package software.amazon.awscdk.services.rds

Interface CommonRotationUserOptions

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Subinterfaces:
RotationMultiUserOptions, RotationSingleUserOptions
All Known Implementing Classes:
CommonRotationUserOptions.Jsii$Proxy, RotationMultiUserOptions.Jsii$Proxy, RotationSingleUserOptions.Jsii$Proxy
@Generated(value="jsii-pacmak/1.119.0 (build 1634eac)", date="2025-11-17T14:40:59.056Z") @Stability(Stable) public interface CommonRotationUserOptions extends software.amazon.jsii.JsiiSerializable
Properties common to single-user and multi-user rotation options.

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.*;
 import software.amazon.awscdk.services.ec2.*;
 import software.amazon.awscdk.services.rds.*;
 InterfaceVpcEndpoint interfaceVpcEndpoint;
 SecurityGroup securityGroup;
 Subnet subnet;
 SubnetFilter subnetFilter;
 CommonRotationUserOptions commonRotationUserOptions = CommonRotationUserOptions.builder()
         .automaticallyAfter(Duration.minutes(30))
         .endpoint(interfaceVpcEndpoint)
         .excludeCharacters("excludeCharacters")
         .rotateImmediatelyOnUpdate(false)
         .securityGroup(securityGroup)
         .vpcSubnets(SubnetSelection.builder()
                 .availabilityZones(List.of("availabilityZones"))
                 .onePerAz(false)
                 .subnetFilters(List.of(subnetFilter))
                 .subnetGroupName("subnetGroupName")
                 .subnets(List.of(subnet))
                 .subnetType(SubnetType.PRIVATE_ISOLATED)
                 .build())
         .build();

  • Method Details

    • getAutomaticallyAfter

      @Stability(Stable) @Nullable default Duration getAutomaticallyAfter()
      Specifies the number of days after the previous rotation before Secrets Manager triggers the next automatic rotation.

      Default: - 30 days

    • getEndpoint

      @Stability(Stable) @Nullable default IInterfaceVpcEndpoint getEndpoint()
      The VPC interface endpoint to use for the Secrets Manager API.

      If you enable private DNS hostnames for your VPC private endpoint (the default), you don't need to specify an endpoint. The standard Secrets Manager DNS hostname the Secrets Manager CLI and SDKs use by default (https://secretsmanager..amazonaws.com) automatically resolves to your VPC endpoint.

      Default: https://secretsmanager..amazonaws.com

    • getExcludeCharacters

      @Stability(Stable) @Nullable default String getExcludeCharacters()
      Specifies characters to not include in generated passwords.

      Default: " %+~`#$invalid input: '&'*()|[]{}:;invalid input: '<'>?!'/@\"\\"

    • getRotateImmediatelyOnUpdate

      @Stability(Stable) @Nullable default Boolean getRotateImmediatelyOnUpdate()
      Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window.

      Default: true

    • getSecurityGroup

      @Stability(Stable) @Nullable default ISecurityGroup getSecurityGroup()
      The security group for the Lambda rotation function.

      Default: - a new security group is created

    • getVpcSubnets

      @Stability(Stable) @Nullable default SubnetSelection getVpcSubnets()
      Where to place the rotation Lambda function.

      Default: - same placement as instance or cluster

    • builder

      @Stability(Stable) static CommonRotationUserOptions.Builder builder()
      Returns:
      a CommonRotationUserOptions.Builder of CommonRotationUserOptions