How to update Master Password of Aurora cluster via cloudformation

0

Hi team,

Good day.

I have created an aurora cluster and db instance via cloudformation script. At some point of time i need to update the MasterPassword for security purpose. We tried to make use of secret manager with automatic rotation enabled. But the problem with the secret manager is we can't define the particular time to do the rotation. So we decided not use that. Then i tried to make use of secret manager with dynamic reference. I will update the secret manually via console. Get the version and pass it to cloudformation template. I thought it will make aurora to update master password. But it didn't worked. Then i tried updating the password directly in cloudformation by passing parameter. As per CF both Cluster and Instance updated successfully. But still i couldn't connect to Aurora via latest password.
--Apply-immediately options is not available as attribute in CF. I'm not sure about the default settings for CF for aurora. Could you please advise what is the default config ?
Changing the password via management console and selecting " Wait for next maintanence window" looks like not working. After selecting that option i can't see any maintanence actions in Pending maintanence block.

Can someone please advise whether am i missing anything here ?

asked 4 years ago695 views
1 Answer
0

Changing password via cloudformation is reflecting only after maintanence window. CFN stacks straightaway goes and updates db instances. But changes are applying only during maintanence window.

answered 4 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions