cloudformation-coverage-roadmap

Include the reader host in the generated Aurora RDS cluster secret

Open aprat84 opened this issue 2 years ago • 1 comments

Name of the resource

AWS::SecretsManager::SecretTargetAttachment

Resource name

No response

Description

Include the reader host in the generated Secrets Manager secret for an RDS Aurora cluster.

Currently, the JSON looks like this:

{
  "engine": "<engine type>",
  "dbClusterIdentifier": "<cluster identifier>",
  "host": "<cluster writer host>",
  "port": "<port number>",
  "username": "<username>",
  "password": "<password>",
  "dbname": "<database name>"
}

Use Case

It would be awesome to have the reader host in the secret, as we won't need to do string manipulation on our side:

// What else can we do!? 😅
const readerHost = secret.host.replace('.cluster-', '.cluster-ro-');

Proposed Solution

Just add a key containing the readonly endpoint URL to the JSON (key name to your taste!), like so:

{
  "engine": "<engine type>",
  "dbClusterIdentifier": "<cluster identifier>",
  "host": "<cluster writer host>",
  "readerHost": "<cluster reader host>",
  "port": "<port number>",
  "username": "<username>",
  "password": "<password>",
  "dbname": "<database name>"
}

Other Details

Related AWS CDK issues: https://github.com/aws/aws-cdk/issues/11517 https://github.com/aws/aws-cdk/issues/22050

aprat84 Jan 20 '23 09:01
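Added example (not part of the original issue or of any AWS code): a stricter form of the string-replacement workaround above, which refuses any host that is not a cluster writer endpoint, where a plain string replace would return the host unchanged or produce a malformed name. The function name, the regular expression, and the sample secret values are assumptions made for illustration; the endpoint layout assumed is stated in the comments.

```javascript
// Added example, not code from the issue. Assumed endpoint layout:
//   writer: <cluster-id>.cluster-<id>.<region>.rds.amazonaws.com[.cn]
//   reader: <cluster-id>.cluster-ro-<id>.<region>.rds.amazonaws.com[.cn]
// <id> contains no hyphen, so reader ("ro-<id>") and custom ("custom-<id>")
// endpoints do not match the pattern and are rejected.
const WRITER_HOST_RE =
  /^([a-z][a-z0-9-]*)\.cluster-([a-z0-9]+)\.([a-z0-9-]+)\.rds\.amazonaws\.com(\.cn)?$/;

// Hypothetical helper: takes the SecretString JSON and returns the reader host.
function deriveReaderHost(secretString) {
  const secret = JSON.parse(secretString);
  if (typeof secret.host !== 'string' || secret.host === '') {
    throw new TypeError('secret has no "host" value');
  }
  const host = secret.host.toLowerCase();
  const m = WRITER_HOST_RE.exec(host);
  if (!m) {
    // Fail closed: do not silently send read traffic to an unexpected host.
    throw new Error(`not an Aurora cluster writer endpoint: ${host}`);
  }
  const [, clusterId, id, region, cn = ''] = m;
  return `${clusterId}.cluster-ro-${id}.${region}.rds.amazonaws.com${cn}`;
}

// Constructed sample in the shape shown in the issue (all values are made up).
const SAMPLE_SECRET = JSON.stringify({
  engine: 'postgres',
  dbClusterIdentifier: 'mydb',
  host: 'mydb.cluster-abc123xyz456.eu-west-1.rds.amazonaws.com',
  port: 5432,
  username: 'app',
  password: 'example-only',
  dbname: 'app',
});

console.log(deriveReaderHost(SAMPLE_SECRET));
```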

This would also be convenient if it worked for RDS read replica instances, instead of having to use text replacement to add -read to the host.

jamesmcglinn Apr 08 '25 04:04