Amazon Secrets Manager 密钥的 JSON 结构
您可以在 Secrets Manager 密钥中存储任何文本或二进制数据。如果要为 Secrets Manager 密钥启用自动轮换,则它必须使用正确的 JSON 结构。在轮替期间,Secrets Manager 会使用密钥中的信息连接到凭证源并更新其中的凭证。
请注意,当您使用控制台来存储某个数据库密钥时,Secrets Manager 会自动以正确的 JSON 结构创建该密钥。
您可以向密钥添加更多键值对(例如在数据库密钥中),以包含其他区域中副本数据库的连接信息。
主题
Amazon RDS MariaDB 密钥结构
{ "engine": "mariadb", "host": "
<instance host name/resolvable DNS name>
", "username": "<username>
", "password": "<password>
", "dbname": "<database name. If not specified, defaults to None>
", "port": "<TCP port number. If not specified, defaults to 3306>
" }
要使用 轮换策略:交替用户,则还需要包含名称-值对:
"masterarn": "
<the ARN of the elevated secret>
"
Amazon RDS MySQL 密钥结构
{ "engine": "mysql", "host": "
<instance host name/resolvable DNS name>
", "username": "<username>
", "password": "<password>
", "dbname": "<database name. If not specified, defaults to None>
", "port": "<TCP port number. If not specified, defaults to 3306>
" }
要使用 轮换策略:交替用户,则还需要包含名称-值对:
"masterarn": "
<the ARN of the elevated secret>
"
Amazon RDS Oracle 密钥结构
{ "engine": "oracle", "host": "
<required: instance host name/resolvable DNS name>
", "username": "<required: username>
", "password": "<required: password>
", "dbname": "<required: database name>
", "port": "<optional: TCP port number. If not specified, defaults to 1521>
" }
要使用 轮换策略:交替用户,则还需要包含名称-值对:
"masterarn": "
<the ARN of the elevated secret>
"
Amazon RDS PostgreSQL 密钥结构
{ "engine": "postgres", "host": "
<instance host name/resolvable DNS name>
", "username": "<username>
", "password": "<password>
", "dbname": "<database name. If not specified, defaults to 'postgres'>
", "port": "<TCP port number. If not specified, defaults to 5432>
" }
要使用 轮换策略:交替用户,则还需要包含名称-值对:
"masterarn": "
<the ARN of the elevated secret>
"
Amazon RDS Microsoft SQLServer 密钥结构
{ "engine": "sqlserver", "host": "
<instance host name/resolvable DNS name>
", "username": "<username>
", "password": "<password>
", "dbname": "<database name. If not specified, defaults to 'master'>
", "port": "<TCP port number. If not specified, defaults to 1433>
" }
要使用 轮换策略:交替用户,则还需要包含名称-值对:
"masterarn": "
<the ARN of the elevated secret>
"
Amazon DocumentDB 密钥结构
{ "engine": "mongo", "host": "
<instance host name/resolvable DNS name>
", "username": "<username>
", "password": "<password>
", "dbname": "<database name. If not specified, defaults to None>
", "port": "<TCP port number. If not specified, defaults to 27017>
" }
要使用 轮换策略:交替用户,则还需要包含名称-值对:
"masterarn": "
<the ARN of the elevated secret>
"
Amazon Redshift 密钥结构
{ "engine": "redshift", "host": "
<instance host name/resolvable DNS name>
", "username": "<username>
", "password": "<password>
", "dbname": "<database name. If not specified, defaults to None>
", "port": "<TCP port number. If not specified, defaults to 5439>
" }
要使用 轮换策略:交替用户,则还需要包含名称-值对:
"masterarn": "
<the ARN of the elevated secret>
"
Amazon ElastiCache 密钥结构
{ "password": "
<password>
", "username": "<username>
" "user_arn": "ARN of the Amazon EC2 user
" }
有关更多信息,请参阅《Amazon ElastiCache 用户指南》中的为用户自动轮换密码。