aws-secrets-manager-rotation-lambdas
Contains Lambda functions to be used for automatic rotation of secrets stored in AWS Secrets Manager
As we have https://github.com/aws-samples/aws-secrets-manager-rotation-lambdas/blob/master/SecretsManagerRDSOracleRotationMultiUser/lambda_function.py#L196, for grant_type in ['ROLE_GRANT', 'SYSTEM_GRANT', 'OBJECT_GRANT']: try: cur.execute("SELECT DBMS_METADATA.GET_GRANTED_DDL('%s', '%s') FROM DUAL" % (grant_type, current_dict['username'].upper())) results = cur.fetchall() for row in results: sql = row[0].read().strip(' \n\t').replace("\"%s\""...
It would be great if the CloudFormation templates for these functions would output the ARN of the role that was created for inclusion in resource policies on the secrets. Right...
*Issue #, if available:* n/a *Description of changes:* When an RDS PostgreSQL instance is configured with [restricted password management](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.PostgreSQL.CommonDBATasks.html#Appendix.PostgreSQL.CommonDBATasks.RestrictPasswordMgmt), only users who are members of the `rds_password` role are allowed to change passwords....
*Description of changes:* This stems from an AWS support issue #6724293101 where there's no current provided lambda function for IAM accesskey/secretkey credential rotation. I have several IAM credentials in need...
I tried using SecretsManagerRDSMySQLRotationSingleUser application to create a lambda function in the AWS console but it looks like this application tries to create a role SecretsManagerRDSMySQLRotationSingleUserRole internally. My company doesn't...
The [`finish_secret`](https://github.com/aws-samples/aws-secrets-manager-rotation-lambdas/blob/master/SecretsManagerRotationTemplate/lambda_function.py#L162) function has a bug in it if there is not a version found that is labeled as "AWSCURRENT". If there is not a version found that is labeled...
*Issue #, if available:* *Description of changes:* Exclude the internal schema pg_automv. By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under...
Hi, My team is attempting to use the mysql multi user rotation script and running into a permissions issue. The first rotation runs successfully and creates the *_clone user and...
Based on the documentation, [Oracle RDS Secrets rotation for SSL](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_turn-on-for-db.html#rotate-secrets_turn-on-for-db_step2) is not supported. I am testing with Oracle NNE (with endpoints for both Secrets Manager and RDS) and getting the...
*Issue #, if available:* *Description of changes:* Added another example of rotation lambda for external API keys. Wanting to publish here so I can reference this in my upcoming blog...