aws-secrets-manager-rotation-lambdas

aws-secrets-manager-rotation-lambdas copied to clipboard

Error when attempting to use the rds rotate secret lambda template

1

When I attempted to use this code https://github.com/aws-samples/aws-secrets-manager-rotation-lambdas/blob/master/SecretsManagerRDSSQLServerRotationMultiUser/lambda_function.py I have tried multiple ways to get the pymssql package to work (either in the lambda function code or in a lambda...

mobious999

Unable to rotate Aurora Postgres secret if using the ReadOnly endpoint as Host

3

Hi there, I'm attempting to set up an Aurora v2 Cluster with the following users with Auto-Rotate password turned on for all of them: - `postgres` (admin) - `lambda_writer` (connects...

LukaHedtSV

Allow to set password_encryption algorithm

2

*Description of changes:* This allow you to override the encryption algorithm used by the server when storing the password to support legacy clients like Redshift. Redshift is not able to...

op

InfluxDB Rotation Multi-user - logically impossible to create secret

1

I'm trying to invoke a lambda to create a InfluxDB allAccess token from the readonly admin username/password. I am invoking the lambda sample : `SecretsManagerInfluxDBRotationMultiUser/lambda_function.py`, last commit for that file:...

nsaxelby

Secrets rotation lambda is affected by CWE-117 and CWE-93

1

When looking in AWS inspector it appears the lambda for secret rotation is vulnerable to the following log injection CWEs [CWE-117 ](https://cwe.mitre.org/data/definitions/117.html) [CWE-93 ](https://cwe.mitre.org/data/definitions/93.html) ``` User-provided inputs must be sanitized...

Niffy

*Issue # 157* *Description of changes:* HIGH-Severity Security Vulnerability from AWS-Inspector. `CWE-117,93 Log injection` ---------- Analysis: > HIGH-Severity Security Vulnerability from AWS-Inspector. > `CWE-117,93 Log injection` > The PostgreSQL-related Lambdas...

seetamraju

https://github.com/aws-samples/aws-secrets-manager-rotation-lambdas/blob/b4b8eca63e1f61bbcfb18c291b640f4fc3b0deb8/SecretsManagerRDSMariaDBRotationMultiUser/lambda_function.py#L207 This should be properly parameterized.

Steven-Beasley

# Summary A circular dependency occurs in the CloudFormation template when deploying the SecretsManagerMongoDBRotationSingleUser Lambda function due to how the Lambda permission references the function’s ARN. This issue prevents successful...

manuelkasiske4idealo

*Issue #, if available:* Kind of #108 *Description of changes:* Added a new template named `SecretsManagerRDSMySQLRotationSingleUserRetainPassword`. This template uses superuser secret to login to the MySQL (RDS) server and rotates...

kgns

### Discussed in https://github.com/aws-samples/aws-secrets-manager-rotation-lambdas/discussions/150 Originally posted by **estahn** October 31, 2024 It would be great for the rotation function to create the user if it's not existing and grant the...

simonmarty