aws-secrets-manager-rotation-lambdas icon indicating copy to clipboard operation
aws-secrets-manager-rotation-lambdas copied to clipboard

Published 20 hours ago verified publisher icon aws-samples

Allow PostgreSQL single user rotation on databases with restricted password management

Open tyron opened this issue 4 years ago • 1 comments

Issue #, if available: n/a

Description of changes: When a RDS PostgreSQL instance is configured with restricted password management, only users member of rds_password role are allowed to change passwords. Setting this permission to any role grants permission to manage passwords in all roles, which might not be desirable. With the changes added on this feature, the masterarn field that is already used by the Multi User Rotation function can also be used in the Single User Rotation function. If this field is exists in the secret, then the Master user is used for setting the new password in the database. Otherwise, the user tries to change its own password.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

tyron avatar Dec 07 '20 21:12 tyron

Thank you for opening this request, We have noted this as a feature enhancement request.

goyalya avatar Oct 13 '22 19:10 goyalya