Database Access

Architecture

Manage database credentials securely:

• RDS credentials - MySQL, PostgreSQL, SQL Server connections
• Aurora secrets - Cluster authentication details
• Connection strings - Complete database connection information
• Read replicas - Separate credentials for read-only access

When to Use

Use this pattern when your application requires:

• Secure database connectivity without embedded credentials
• Automatic credential rotation for compliance
• Multiple database connections across environments
• Separation of read and write database access

Example Implementation

module "db_credentials" {
  source  = "registry.patterneddesigns.ca/patterneddesigns/secrets-manager/aws"
  version = "2.1.0"

  name = "prod/rds/postgres"
  secret_string = jsonencode({
    engine   = "postgres"
    host     = aws_db_instance.main.endpoint
    port     = 5432
    username = "app_user"
    password = random_password.db.result
    dbname   = "application"
  })

  kms_key_id              = module.kms.key_id
  recovery_window_in_days = 30
}