How to change the lambda function name for each run while rotating secrets
We 've a requirement to rotate the secrets for RDS MySQL. we are following the steps mentioned in the documentation https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-singleuser
Role, Lambda function permission get created and the secrets are rotated as well. when i use the code /template second time, Lambda function name is not changed and it causes the stack to fail . Is there a way to generate unique lambda function every time to avoid stack failure.
code snippet :
Transform: AWS::SecretsManager-2020-07-23
...
....
MySecretRotationSchedule:
Type: AWS::SecretsManager::RotationSchedule
Properties:
SecretId: !Ref Xyz
HostedRotationLambda:
RotationType: MySQLSingleUser
RotationRules:
AutomaticallyAfterDays: 30
- 最新
- 投票最多
- 评论最多
Hello.
Use !Sub or !Join to Construct Unique Names: These functions allow you to concatenate strings and include dynamic elements like stack name or unique IDs. Incorporate AWS::StackName and/or AWS::Region: Using these pseudo parameters ensures that your Lambda function name is unique per stack and region.
For example:
Resources:
MyLambdaFunction:
Type: AWS::Lambda::Function
Properties:
# Other required properties like Code, Handler, Role, Runtime
FunctionName: !Sub
- "${StackName}-${AWS::Region}-${UniqueID}-RotationLambda"
- StackName: !Ref AWS::StackName
UniqueID: !Ref UniqueResource # Replace with a unique resource in your template
MySecretRotationSchedule:
Type: AWS::SecretsManager::RotationSchedule
Properties:
SecretId: !Ref Xyz
HostedRotationLambda:
RotationType: MySQLSingleUser
RotationLambdaName: !Ref MyLambdaFunction
RotationRules:
AutomaticallyAfterDays: 30
Regards, Andrii
相关内容
AWS 官方已更新 1 年前
