AWS::RDS::DBProxy AuthFormat
Specifies the details of authentication used by a proxy to log in as a specific database user.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
JSON
{ "AuthScheme" :String, "ClientPasswordAuthType" :String, "Description" :String, "IAMAuth" :String, "SecretArn" :String}
YAML
AuthScheme:StringClientPasswordAuthType:StringDescription:StringIAMAuth:StringSecretArn:String
Properties
AuthScheme-
The type of authentication that the proxy uses for connections from the proxy to the underlying database.
Valid Values:
SECRETSRequired: No
Type: String
Allowed values:
SECRETSUpdate requires: No interruption
ClientPasswordAuthType-
Specifies the details of authentication used by a proxy to log in as a specific database user.
Required: No
Type: String
Allowed values:
MYSQL_NATIVE_PASSWORD | POSTGRES_SCRAM_SHA_256 | POSTGRES_MD5 | SQL_SERVER_AUTHENTICATIONUpdate requires: No interruption
Description-
A user-specified description about the authentication used by a proxy to log in as a specific database user.
Required: No
Type: String
Update requires: No interruption
IAMAuth-
Whether to require or disallow Amazon Identity and Access Management (IAM) authentication for connections to the proxy. The
ENABLEDvalue is valid only for proxies with RDS for Microsoft SQL Server.Valid Values:
ENABLED | DISABLED | REQUIREDRequired: No
Type: String
Allowed values:
DISABLED | REQUIRED | ENABLEDUpdate requires: No interruption
SecretArn-
The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.
Required: No
Type: String
Update requires: No interruption