Single Secret key for multiple RDS instances.

Question

I like to know that is it possible in any way to use a single secret key of a user for multiple RDS instances, currently, we can use one secret for one RDS. I want that to be like one to many methodology.

Or else is there any other way to store and rotate the password of a MySQL DB user, like creating an IAM user and that should connect to MySQL, if I change the password of IAM that should reflect in MySQL also.

Answer

Hi, If you decode the secret, you will see that it contains the connection endpoint and dbname  the RDS instance. So, it won't work to have one single secret if you have several instances.

For exact content of the secret (when Postgres), see https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html#reference_secret_json_structure_rds-postgres

```
{
  "engine": "postgres",
  "host": "",
  "username": "",
  "password": "",
  "dbname": "",
  "port": ""
}

```

Single Secret key for multiple RDS instances.

相关内容